mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-28 09:42:41 +01:00
32f91557f8
Summary: This prevents security by obscurity. If I have read-only access to the database then I can pretend to be any logged-in user. I've used `PhabricatorHash::digest()` (even though we don't need salt as the hashed string is random) to be compatible with user log. Test Plan: Applied patch. Verified I'm still logged in. Logged out. Logged in. $ arc tasks Reviewers: epriestley Reviewed By: epriestley CC: aran, Korvin Differential Revision: https://secure.phabricator.com/D6080 |
||
---|---|---|
.. | ||
application | ||
call | ||
config | ||
controller | ||
method | ||
protocol | ||
ssh | ||
storage |