mirror of
https://we.phorge.it/source/phorge.git
synced 2024-09-21 17:58:47 +02:00
7298589c86
Summary: Ref T3684 for discussion. This could be cleaned up a bit (it would be nice to draw entropy once per request, for instance, and maybe respect CSRF_TOKEN_LENGTH more closely) but should effectively mitigate BREACH. Test Plan: Submitted forms; submitted forms after mucking with CSRF and observed CSRF error. Verified that source now has "B@..." tokens. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T3684 Differential Revision: https://secure.phabricator.com/D6686 |
||
|---|---|---|
| .. | ||
| __tests__ | ||
| PhabricatorGlobalLock.php | ||
| PhabricatorHash.php | ||
| PhabricatorSlug.php | ||