You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm able to inadvertently create a signature that contains separator itself.
See:
In [21]: s = Signer('secret-key', sep='_')
In [22]: signed = s.sign('foobar')
In [23]: signed
Out[23]: 'foobar_bM9Ftq9n87nl0Xc_Rs9orkssfJ0'
In [24]: s.unsign(signed)
---------------------------------------------------------------------------
BadSignature Traceback (most recent call last)
<ipython-input-24-ea5a1a92fab7> in <module>()
----> 1 s.unsign(signed)
/Users/catalbas/envs/token-test/lib/python2.7/site-packages/itsdangerous.pyc in unsign(self, signed_value)
372 return value
373 raise BadSignature('Signature %r does not match' % sig,
--> 374 payload=value)
375
376 def validate(self, signed_value):
BadSignature: Signature 'Rs9orkssfJ0' does not match
The text was updated successfully, but these errors were encountered:
I'm able to inadvertently create a signature that contains separator itself.
See:
The text was updated successfully, but these errors were encountered: