github icon indicating copy to clipboard operation
github copied to clipboard
verified publisher icon haskell-github

`isValidPayload` should use constant time comparison for secrets

Open TomMD opened this issue 5 years ago • 0 comments

When comparing secrets one should use constant time comparison or a randomized comparison to avoid side channel attacks that can lead to compromise.

TomMD avatar Apr 17 '20 18:04 TomMD