gitlab-org--gitlab-foss/lib/api
Jörg Thalheim 9f089ac48c use constant-time string compare for internal api authentication
Ruby str_equal uses memcmp internally to compare String.
Memcmp is vulnerable to timing attacks because it returns early
on mismatch (on most x32 platforms memcmp uses a bytewise comparison).
Devise.secure_compare implements a constant time comparison instead.
2015-03-06 20:06:26 +01:00
..
api.rb
api_guard.rb
branches.rb
commits.rb
deploy_keys.rb
entities.rb Enable ParenthesesAsGroupedExpression rule 2015-03-02 18:45:28 -08:00
files.rb Improve error messages when file editing fails 2015-02-22 16:01:49 -07:00
group_members.rb
groups.rb
helpers.rb use constant-time string compare for internal api authentication 2015-03-06 20:06:26 +01:00
internal.rb Don't leak information about private project existence via Git-over-SSH/HTTP. 2015-03-02 17:52:48 +01:00
issues.rb
labels.rb
merge_requests.rb
milestones.rb
namespaces.rb
notes.rb
project_hooks.rb
project_members.rb
project_snippets.rb
projects.rb
repositories.rb
services.rb
session.rb
system_hooks.rb
users.rb Merge branch 'master' into mmonaco/gitlab-ce-api-user-noconfirm 2015-02-27 13:01:57 -08:00