b21f0035d7
Also use ConstantTimeCompare() to compare CSRF tokens to prevent leaking any information in how quickly we reject bad tokens. Signed-off-by: Ryan Richard <richardry@vmware.com> |
||
---|---|---|
.. | ||
certauthority | ||
client | ||
concierge | ||
config | ||
constable | ||
controller | ||
controllerlib | ||
controllermanager | ||
downward | ||
dynamiccert | ||
here | ||
httputil | ||
mocks | ||
multierror | ||
oidc | ||
oidcclient | ||
plog | ||
registry/credentialrequest | ||
testutil |