Skip to content

Commit

Permalink
minor #5619 Remove a caution note about StringUtils::equals() which i…
Browse files Browse the repository at this point in the history 
…s no longer true (javiereguiluz)

This PR was merged into the 2.3 branch.

Discussion
----------

Remove a caution note about StringUtils::equals() which is no longer true

| Q             | A
| ------------- | ---
| Doc fix?      | yes
| New docs?     | no
| Applies to    | all
| Fixed tickets | #5618

Commits
-------

d0f1a4e Remove a cauion note about StringUtils::equals() which is no longer true
  • Loading branch information
@wouterj
wouterj committed Sep 5, 2015
2 parents 0888d78 + d0f1a4e commit 1f79d9d
Showing 1 changed file with 0 additions and 5 deletions.
5 changes: 0 additions & 5 deletions components/security/secure_tools.rst
View file
Expand Up @@ -21,11 +21,6 @@ algorithm; you can use the same strategy in your own code thanks to the
// is some known string (e.g. password) equal to some user input?
$bool = StringUtils::equals($knownString, $userInput);

.. caution::

To avoid timing attacks, the known string must be the first argument
and the user-entered string the second.

Generating a Secure random Number
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Expand Down

0 comments on commit 1f79d9d

Please sign in to comment.