LionC
commented
9 months ago It is explicitly mentioned in the docs for users. The reason is that comparison with && is vulnerable to timing attacks because it short circuits.
Closed joaqim closed 9 months ago
LionC
commented
9 months ago It is explicitly mentioned in the docs for users. The reason is that comparison with && is vulnerable to timing attacks because it short circuits.
If this is intended - though I can't see why - there should be a comment explicitly mentioning it.