DEV Community

loading...

Discussion on: RESTful Security: Plug the Leaks!

Collapse
jonerer profile image
Jon Mårdsjö

Btw this is also the reason why checking an auth token with == is not a valid practice -- you have to use a "time-secure" comparison