I'm not sure how MD5 would prevent the kind of attack he is proposing though. If the hacker has access to script source and can poison caches they would presumably be able to edit the invocation of any MD5 hash encoding and otherwise do anything else the application is normally allowed to do.
On Thursday, January 2, 2014 8:54:20 AM UTC-8, Sander Elias wrote: > > Hi Pushpendra, > > Actually there are quite a few MD5 hash encoders available. > > - http://www.onicos.com/staff/iz/amuse/javascript/expert/md5.txt > - http://pajhome.org.uk/crypt/md5/ > - http://www.myersdaily.org/joseph/javascript/md5-text.html > > The last one is claimed to be one of the fastest available. There are > probably quite a few more available. > > Regards > Sander > -- You received this message because you are subscribed to the Google Groups "AngularJS" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/angular. For more options, visit https://groups.google.com/groups/opt_out.
