Bottr icon indicating copy to clipboard operation
Bottr copied to clipboard

Published 20 hours ago • verified publisher icon Bottr-js

Fix X-Hub-Signature Exploit

Open jcampbell05 opened this issue 8 years ago • 1 comments

https://chatbotsmagazine.com/how-to-kill-a-bot-with-10-http-requests-ca7eb57c2ad1#.j685u0tdj

Implement https://github.com/alexcurtis/express-x-hub into clients and consider implementing #36

jcampbell05 avatar Nov 10 '16 19:11 jcampbell05

Also make sure to use a constant time algorithm to compare the two values to avoid potential timing attacks.

davidmann4 avatar Jan 05 '17 11:01 davidmann4