search

ssheduardo / sermepa

Clase para utilizar la pasarela de pagos redsys, sermepa.
MIT License
191 stars 59 forks source link

Check payments with hash_equals() #92

Closed rogervila closed 11 months ago

rogervila commented 12 months ago

PHP hash_equals should be used instead of === to mitigate timing attacks.

PHP docs here: https://www.php.net/manual/en/function.hash-equals.php

ssheduardo commented 12 months ago

Thanks, I will check your pull request.