Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | use secure string comparisons for basic auth username / password | Aaron Patterson | 2016-01-22 | 1 | -0/+27 |
this will avoid timing attacks against applications that use basic auth. Conflicts: activesupport/lib/active_support/security_utils.rb Conflicts: actionpack/lib/action_controller/metal/http_authentication.rb CVE-2015-7576 |