Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 2 of 2 for attacks (0.13 sec)

  2. github.com/tiangolo/fastapi

    docs/en/docs/advanced/middleware.md 

    ```Python hl_lines="2  6"
{!../../../docs_src/advanced_middleware/tutorial001.py!}
```

## `TrustedHostMiddleware`

Enforces that all incoming requests have a correctly set `Host` header, in order to guard against HTTP Host Header attacks.

```Python hl_lines="2  6-8"
{!../../../docs_src/advanced_middleware/tutorial002.py!}
```

The following arguments are supported:
    Plain Text
    - Registered: Sun May 05 07:19:11 GMT 2024
    - Last Modified: Fri Mar 10 18:27:10 GMT 2023
    - 4K bytes
    - Viewed (0)
  3. github.com/tiangolo/fastapi

    docs/en/docs/advanced/security/http-basic-auth.md 

        # Return some error
    ...
```

But by using the `secrets.compare_digest()` it will be secure against a type of attacks called "timing attacks".

### Timing Attacks

But what's a "timing attack"?

Let's imagine some attackers are trying to guess the username and password.

And they send a request with a username `johndoe` and a password `love123`.
    Plain Text
    - Registered: Sun May 05 07:19:11 GMT 2024
    - Last Modified: Thu Jan 11 14:33:05 GMT 2024
    - 5.9K bytes
    - Viewed (0)
Back to top