revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-28 17:52:43 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/applications/conduit/controller
History
epriestley 29948eaa5b Use phutil_hashes_are_identical() when comparing hashes in Phabricator 
Summary: See D14025. In all cases where we compare hashes, use strict, constant-time comparisons.

Test Plan: Logged in, logged out, added TOTP, ran Conduit, terminated sessions, submitted forms, changed password. Tweaked CSRF token, got rejected.

Reviewers: chad

Reviewed By: chad

Subscribers: chenxiruanhai

Differential Revision: https://secure.phabricator.com/D14026
2015-09-01 15:52:44 -07:00
..
PhabricatorConduitAPIController.php Use phutil_hashes_are_identical() when comparing hashes in Phabricator 2015-09-01 15:52:44 -07:00
PhabricatorConduitConsoleController.php Merge branch 'master' into redesign-2015 2015-05-22 12:57:32 -07:00
PhabricatorConduitController.php Show how to call Conduit API methods from clients 2015-05-08 12:19:52 -07:00
PhabricatorConduitListController.php Decouple some aspects of request routing and construction 2014-10-17 05:01:40 -07:00
PhabricatorConduitLogController.php Merge branch 'master' into redesign-2015 2015-05-28 12:00:06 -07:00
PhabricatorConduitTokenController.php Remove @group annotations 2014-07-10 08:12:48 +10:00
PhabricatorConduitTokenEditController.php Generate and use "cluster" Conduit API tokens 2014-12-15 11:15:14 -08:00
PhabricatorConduitTokenHandshakeController.php Add conduit.getcapabilities and a modern CLI handshake workflow 2014-12-15 11:14:53 -08:00
PhabricatorConduitTokenTerminateController.php Add Conduit Tokens to make authentication in Conduit somewhat more sane 2014-12-15 11:14:23 -08:00