You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Since this PR #1791 mojo session cookie is padded to 1025 byte and after base64 encoding has final size almost 1.5KB
As far as i understand, if application has a reliable securtity key (256 bit and larger) padding is not neccessary and my cookie is secure enough against brute-force attacks.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Since this PR #1791 mojo session cookie is padded to 1025 byte and after base64 encoding has final size almost 1.5KB
As far as i understand, if application has a reliable securtity key (256 bit and larger) padding is not neccessary and my cookie is secure enough against brute-force attacks.
Am I right?
Beta Was this translation helpful? Give feedback.
All reactions