gist: 182118 - money patch rails to fix bug #3144- GitHub


  
    
      initializer/patch_secure_compare.rb #
    
    
      
      
        embed
        
      
      
      
      raw
    
  
  
  
    
      
        
          
            
            1
2
3
4
5
6
7
8
9
10
11
12
13

          
          
            
              module ActiveSupport
  class MessageVerifier
    private
      # constant-time comparison algorithm to prevent timing attacks
      def secure_compare(a, b)
        if a.respond_to?(:bytes)
          a.bytes.to_a == b.bytes.to_a
        else
          a.to_a == b.to_a
        end
      end
   end
end
Description:	money patch rails to fix bug #3144
Public Clone URL:	git://gist.github.com/182118.git Give this clone URL to anyone. `git clone git://gist.github.com/182118.git gist-182118`
Embed All Files:	show embed