-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: open session replay attack #240
Conversation
Codecov Report
@@ Coverage Diff @@
## main #240 +/- ##
==========================================
+ Coverage 53.34% 54.83% +1.49%
==========================================
Files 41 41
Lines 3667 3797 +130
==========================================
+ Hits 1956 2082 +126
- Misses 1711 1715 +4
Flags with carried forward coverage won't be shown. Click here to find out more.
📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
I think we should have a time-to-live for the signature to avoid reusing the signature |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
In this pr, we proposed a method reduce the possibility of open session replay attack
Resolve QuerySession replay attack #239
Use random uuid string as token