django/utils/crypto.py +5 −0 @@ -85,6 +85,11 @@ def constant_time_compare(val1, val2): Returns True if the two strings are equal, False otherwise. The time taken is independent of the number of characters that match. For the sake of simplicity, this function executes in constant time only when the two strings have the same length. It short-circuits when they have different lengths. Since Django only uses it to compare hashes of known expected length, this is acceptable. """ if len(val1) != len(val2): return False
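Review bot: The added docstring paragraph justifies the length short-circuit by how Django itself calls constant_time_compare, but the function is importable from django/utils/crypto.py and nothing in the text tells other callers what they must guarantee. As written, `if len(val1) != len(val2): return False` returns early, so timing can reveal whether the two lengths match, which the new text itself acknowledges. I would add a caller-facing sentence such as `Callers must pass values of a fixed, non-secret length (e.g. digests); hash variable-length secrets before comparing them.` The claim about Django's own call sites cannot be checked from this hunk and may go stale as new callers appear, so it reads better as a stated requirement than as a fact. The function body continues past the end of the hunk.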
django/utils/crypto.py +5 −0 @@ -85,6 +85,11 @@ def constant_time_compare(val1, val2): Returns True if the two strings are equal, False otherwise. The time taken is independent of the number of characters that match. For the sake of simplicity, this function executes in constant time only when the two strings have the same length. It short-circuits when they have different lengths. Since Django only uses it to compare hashes of known expected length, this is acceptable. """ if len(val1) != len(val2): return False