epriestley 29948eaa5b Use phutil_hashes_are_identical() when comparing hashes in Phabricator ... Summary: See D14025. In all cases where we compare hashes, use strict, constant-time comparisons. Test Plan: Logged in, logged out, added TOTP, ran Conduit, terminated sessions, submitted forms, changed password. Tweaked CSRF token, got rejected. Reviewers: chad Reviewed By: chad Subscribers: chenxiruanhai Differential Revision: https://secure.phabricator.com/D14026		2015-09-01 15:52:44 -07:00
..
customfield	Prevent "commit message magic words" parser from exploding on "reverts aaaa.....aaz"	2015-08-26 09:35:23 -07:00
daemon	Use PhutilClassMapQuery instead of PhutilSymbolLoader	2015-08-14 07:49:01 +10:00
diff	Prevent users from hiding unpublished inlines	2015-08-31 10:17:30 -07:00
edges	Use PhutilClassMapQuery	2015-07-07 22:51:57 +10:00
env	Use PhutilClassMapQuery instead of PhutilSymbolLoader	2015-08-14 07:49:01 +10:00
events	Use PhutilClassMapQuery instead of PhutilSymbolLoader	2015-08-14 07:49:01 +10:00
internationalization	Add some missing translations	2015-08-29 23:29:16 +10:00
javelin	Extend from Phobject	2015-06-15 18:02:27 +10:00
lint/linter	Tidy up some translation strings	2015-06-14 14:13:16 +10:00
log	Extend from Phobject	2015-06-15 18:02:27 +10:00
management	Add some of a billing daemon skeleton	2015-01-30 11:29:05 -08:00
markup	Fix possible recursive embeds in Dashboard text panels	2015-08-26 17:59:47 -07:00
query	Refine "invalid cursor" exception to have a little more information	2015-07-07 12:52:12 -07:00
sms	Various linter fixes	2015-08-11 22:36:55 +10:00
ssh	phtize all the things	2015-05-22 21:16:39 +10:00
storage	Allow transaction publishers to pass binary data to workers	2015-08-22 15:14:05 -07:00
testing	Extend from Phobject	2015-06-15 18:02:27 +10:00
time	Extend from Phobject	2015-06-15 18:02:27 +10:00
util	Use phutil_hashes_are_identical() when comparing hashes in Phabricator	2015-09-01 15:52:44 -07:00
PhabricatorEditor.php	Mark some strings for translation	2015-06-09 23:06:52 +10:00