diff options
author | zotlabs <mike@macgirvin.com> | 2017-09-05 17:12:31 -0700 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2017-09-05 17:12:31 -0700 |
commit | 6147f819ce908d7a52f905658e827c48aad92074 (patch) | |
tree | 5b1374914c359eab184ea6812778a67036e9f218 /Zotlabs/Zot/Auth.php | |
parent | 842a041a888434df7d6312db08ce805c5ee21bf7 (diff) | |
download | volse-hubzilla-6147f819ce908d7a52f905658e827c48aad92074.tar.gz volse-hubzilla-6147f819ce908d7a52f905658e827c48aad92074.tar.bz2 volse-hubzilla-6147f819ce908d7a52f905658e827c48aad92074.zip |
avoid a security patch and resultant compatibility issues; instead restrict the input characters we accept in token verification strings to hex digits. This will all be changing in the coming weeks/months anyway.
Diffstat (limited to 'Zotlabs/Zot/Auth.php')
-rw-r--r-- | Zotlabs/Zot/Auth.php | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/Zotlabs/Zot/Auth.php b/Zotlabs/Zot/Auth.php index 44f01174e..8d198f506 100644 --- a/Zotlabs/Zot/Auth.php +++ b/Zotlabs/Zot/Auth.php @@ -167,7 +167,6 @@ class Auth { dbesc($hubloc['hubloc_url']) ); - // needs a nonce!!!! $p = zot_build_packet($channel,$type = 'auth_check', array(array('guid' => $hubloc['hubloc_guid'],'guid_sig' => $hubloc['hubloc_guid_sig'])), $hubloc['hubloc_sitekey'], (($x) ? $x[0]['site_crypto'] : ''), $this->sec); |