JKRhb
commented
2 years ago You mean in requests? The token length should vary between 1 and 8 bytes at the moment, being randomly determined when a new request is sent.
Closed Thousif-khan closed 2 years ago
JKRhb
commented
2 years ago You mean in requests? The token length should vary between 1 and 8 bytes at the moment, being randomly determined when a new request is sent.
Thousif-khan
commented
2 years ago is it possible to set token length in the request?, In my request i see the token length is fixed at 8.
JKRhb
commented
2 years ago In my request i see the token length is fixed at 8.
Oh, you are right, this is caused by the behavior of this method:
is it possible to set token length in the request?
I am afraid, you can only set a custom token at the moment (using the token parameter when creating a request):
So you could implement your own token generation function and then pass the generated token to the request. What you describe is definitely a missing feature, though, also considering that you could also use an extended token length (as described in RFC 8974). I guess it would be useful to be able to set it as a config parameter.
JKRhb
commented
2 years ago Note, however, that the choice of a default token length of 8 has probably been made due to security considerations in order to protect against spoofing attacks (see RFC 7252, section 5.3.1).
Thousif-khan
commented
2 years ago thanks. will go with custom token parameter.
can we set the token length?