cookie-signature
Advanced tools
Comparing version 1.0.6 to 1.1.0
17
index.js
@@ -40,13 +40,8 @@ /** | ||
var str = val.slice(0, val.lastIndexOf('.')) | ||
, mac = exports.sign(str, secret); | ||
return sha1(mac) == sha1(val) ? str : false; | ||
, mac = exports.sign(str, secret) | ||
, macBuffer = Buffer.from(mac) | ||
, valBuffer = Buffer.alloc(macBuffer.length); | ||
valBuffer.write(val); | ||
return crypto.timingSafeEqual(macBuffer, valBuffer) ? str : false; | ||
}; | ||
/** | ||
* Private | ||
*/ | ||
function sha1(str){ | ||
return crypto.createHash('sha1').update(str).digest('hex'); | ||
} |
{ | ||
"name": "cookie-signature", | ||
"version": "1.0.6", | ||
"version": "1.1.0", | ||
"description": "Sign and unsign cookies", | ||
@@ -8,4 +8,10 @@ "keywords": ["cookie", "sign", "unsign"], | ||
"license": "MIT", | ||
"repository": { "type": "git", "url": "https://github.com/visionmedia/node-cookie-signature.git"}, | ||
"repository": { | ||
"type": "git", | ||
"url": "https://github.com/visionmedia/node-cookie-signature.git" | ||
}, | ||
"dependencies": {}, | ||
"engines": { | ||
"node": ">=6.6.0" | ||
}, | ||
"devDependencies": { | ||
@@ -12,0 +18,0 @@ "mocha": "*", |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
3983
4
40