https://bugzilla.wikimedia.org/show_bug.cgi?id=62497

T. Gries <m...@tgries.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |m...@tgries.de

--- Comment #12 from T. Gries <m...@tgries.de> ---
Comment on attachment 14787
  --> https://bugzilla.wikimedia.org/attachment.cgi?id=14787
Add CSRF token on Special:ChangePassword

The token compare function is _not_ running in constant time. As we have a
function for token comparison, we should use it here.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l

Reply via email to