-
https://github.com/kjur/jsrsasign/blob/master/src/jws-3.3.js#L484
to prevent timing attacks.
What about doing something like this?
```javascript
// from https://github.com/goinstant/buffer-e…
-
[Here](https://github.com/znk3r/hash_equals/blob/master/lib/hash_equals.php#L40-L42) you determinate which string is shorter and only compare the shorter part? 😯
When the string length is different …
-
So .. Arachni cannot find my login form - do you have any ideas?
I've tried with these parameters:
Username
Password
and
ctl00_bodyArea_Login1_UserName
ctl00_bodyArea_Login1_Password
``…
-
in the function ' base64_decode',
////////////////////////
char \* str = new char[ret.size()];
strcpy(str, ret.c_str());
///////////////////////
the strcpy is very DANGER, the alloc m…
-
The specification has a privacy section which mentions issues like fingerprinting based on capabilities and identifying underlying codecs. The specification does not provide much guidelines for mitiga…
-
# TODOS
- [ ] any existing work we should investigate
- [ ] mock-ups of existing algorithms
- [ ] how do loops work?
- [ ] do we need conditionals?
# GOALS
- Code generation reflects written c…
-
Spell : https://www.wowhead.com/spell=115546/provoke
From comments on wowhead you can clearly see, that this spell has a taunt mechanics.
A taunt is an effect or ability that forces mobs to focus …
-
Currently durations are rendered as:
```
strconv.FormatFloat(float64(m.Duration)/float64(time.Millisecond), 'f', -1, 64)
```
I think this is over precise: all digits beyond millisecond? That c…
mitar updated
2 years ago
-
I have a (1)suggestion and a (2)question about the "Compare secret strings in constant time".
(1) I guess the Cryptocoding resource is supposed to be an introduction beside giving expertise.
For …
-
Identifying timestamps and other time related data, e.g. via semantic tagging.
Need to discuss data formats for timestamps, time intervals, align with Web API.
Time series data also needs to be c…