git.ipfire.org Git - thirdparty/tornado.git/commit

]> git.ipfire.org Git - thirdparty/tornado.git/commit

projects / thirdparty / tornado.git / commit

author	Ben Darnell <ben@bendarnell.com>
	Mon, 26 May 2014 17:33:21 +0000 (13:33 -0400)
committer	Ben Darnell <ben@bendarnell.com>
	Tue, 27 May 2014 00:44:06 +0000 (20:44 -0400)
commit	7279a303d1c366aabd4facfc6b29ed46c3422350
tree	25924420a3f0c9ffa622b66d804c0ecb22b9f9f7	tree
parent	f76f51a316a67f5877c78ec788066e58d8e40723	commit \| diff

Small security improvements to xsrf tokens; add tests.

Use os.urandom(16) instead of uuid.uuid4(), to reclaim a few bits of
entropy. Use _time_independent_equals for comparison.

tornado/test/web_test.py		diff \| blob \| blame \| history
tornado/web.py		diff \| blob \| blame \| history

Mirror of https://github.com/tornadoweb/tornado.git

RSS Atom