starred/cloudflare-email
1
0
Fork 0
mirror of https://github.com/Sh4yy/cloudflare-email.git synced 2026-04-27 02:45:52 +03:00
Code Issues 13 Projects Releases Packages Wiki Activity

[GH-ISSUE #14] Use constant time equality check for auth token #7

New issue
Open
opened 2026-03-04 00:01:35 +03:00 by kerem · 4 comments
kerem commented 2026-03-04 00:01:35 +03:00
Owner
Copy link

Originally created by @pethin on GitHub (Feb 18, 2024).
Original GitHub issue: https://github.com/Sh4yy/cloudflare-email/issues/14

Replace === with crypto.subtle.timingSafeEqual in https://github.com/Sh4yy/cloudflare-email/blob/main/src/middlewares/auth.ts#L16 to prevent timing attacks.

Example: https://developers.cloudflare.com/workers/examples/protect-against-timing-attacks/

Originally created by @pethin on GitHub (Feb 18, 2024). Original GitHub issue: https://github.com/Sh4yy/cloudflare-email/issues/14 Replace `===` with `crypto.subtle.timingSafeEqual` in https://github.com/Sh4yy/cloudflare-email/blob/main/src/middlewares/auth.ts#L16 to prevent timing attacks. Example: https://developers.cloudflare.com/workers/examples/protect-against-timing-attacks/
kerem commented 2026-03-04 00:01:36 +03:00
Author
Owner
Copy link

@D3vl0per commented on GitHub (Apr 26, 2024):

Like this @pethin https://github.com/D3vl0per/cloudflare-email/blob/main/src/middlewares/auth.ts?

<!-- gh-comment-id:2078415380 --> @D3vl0per commented on GitHub (Apr 26, 2024): Like this @pethin https://github.com/D3vl0per/cloudflare-email/blob/main/src/middlewares/auth.ts?
kerem commented 2026-03-04 00:01:36 +03:00
Author
Owner
Copy link

@taciturnaxolotl commented on GitHub (Apr 28, 2024):

Can you create a PR @D3vl0per?

<!-- gh-comment-id:2081551497 --> @taciturnaxolotl commented on GitHub (Apr 28, 2024): Can you create a PR @D3vl0per?
kerem commented 2026-03-04 00:01:36 +03:00
Author
Owner
Copy link

@D3vl0per commented on GitHub (Apr 28, 2024):

Done #18 @kcoderhtml !

<!-- gh-comment-id:2081556864 --> @D3vl0per commented on GitHub (Apr 28, 2024): Done #18 @kcoderhtml !
kerem commented 2026-03-04 00:01:36 +03:00
Author
Owner
Copy link

@taciturnaxolotl commented on GitHub (Apr 28, 2024):

thnks! hopefully @Sh4yy can merge both our PRs soon!

<!-- gh-comment-id:2081558402 --> @taciturnaxolotl commented on GitHub (Apr 28, 2024): thnks! hopefully @Sh4yy can merge both our PRs soon!
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
No results found.
Labels
Clear labels   
pull-request

Mirrored from GitHub Pull Request

No labels
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/cloudflare-email#7
No description provided.