- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 159 for attacks (0.2 sec)
-
docs/en/docs/advanced/security/http-basic-auth.md
# Return some error ... ``` But by using the `secrets.compare_digest()` it will be secure against a type of attacks called "timing attacks". ### Timing Attacks But what's a "timing attack"? Let's imagine some attackers are trying to guess the username and password. And they send a request with a username `johndoe` and a password `love123`.
Plain Text - Registered: Sun Apr 21 07:19:11 GMT 2024 - Last Modified: Thu Jan 11 14:33:05 GMT 2024 - 5.9K bytes - Viewed (0) -
SECURITY.md
### Hardware attacks Physical GPUs or TPUs can also be the target of attacks. [Published research](https://scholar.google.com/scholar?q=gpu+side+channel) shows that it might be possible to use side channel attacks on the GPU to leak data from other running models or processes in the same system. GPUs can also have implementation bugs that might allow attackers to leave malicious code running
Plain Text - Registered: Tue Apr 23 12:39:09 GMT 2024 - Last Modified: Sun Oct 01 06:06:35 GMT 2023 - 9.6K bytes - Viewed (0) -
cmd/generic-handlers.go
header.Set("X-XSS-Protection", "1; mode=block") // Prevents against XSS attacks header.Set("X-Content-Type-Options", "nosniff") // Prevent mime-sniff header.Set("Strict-Transport-Security", "max-age=31536000; includeSubDomains") // HSTS mitigates variants of MITM attacks // Previously, this value was set right before a response was sent to
Go - Registered: Sun Apr 21 19:28:08 GMT 2024 - Last Modified: Thu Apr 11 01:08:52 GMT 2024 - 20.7K bytes - Viewed (0) -
okhttp-tls/src/main/kotlin/okhttp3/tls/HandshakeCertificates.kt
} /** * Configures this to not authenticate the HTTPS server on to [hostname]. This makes the user * vulnerable to man-in-the-middle attacks and should only be used only in private development * environments and only to carry test data. * * The server’s TLS certificate **does not need to be signed** by a trusted certificate
Plain Text - Registered: Fri Apr 26 11:42:10 GMT 2024 - Last Modified: Mon Jan 08 01:13:22 GMT 2024 - 8.5K bytes - Viewed (1) -
android/guava/src/com/google/common/collect/AbstractBiMap.java
return true; } @Override public Iterator<Entry<K, V>> iterator() { return entrySetIterator(); } // See java.util.Collections.CheckedEntrySet for details on attacks. @Override public @Nullable Object[] toArray() { return standardToArray(); } @Override @SuppressWarnings("nullness") // bug in our checker's handling of toArray signatures
Java - Registered: Fri Apr 26 12:43:10 GMT 2024 - Last Modified: Thu Aug 24 01:40:03 GMT 2023 - 13.8K bytes - Viewed (0) -
okhttp/src/main/kotlin/okhttp3/CertificatePinner.kt
import okio.ByteString import okio.ByteString.Companion.decodeBase64 import okio.ByteString.Companion.toByteString /** * Constrains which certificates are trusted. Pinning certificates defends against attacks on * certificate authorities. It also prevents connections through man-in-the-middle certificate * authorities either known or unknown to the application's user.
Plain Text - Registered: Fri Apr 26 11:42:10 GMT 2024 - Last Modified: Mon Jan 08 01:13:22 GMT 2024 - 14.2K bytes - Viewed (1) -
doc/godebug.md
that can be used in TLS handshakes, controlled by the [`tlsmaxrsasize` setting](/pkg/crypto/tls#Conn.Handshake). The default is tlsmaxrsasize=8192, limiting RSA to 8192-bit keys. To avoid denial of service attacks, this setting and default was backported to Go 1.19.13, Go 1.20.8, and Go 1.21.1. Go 1.22 made it an error for a request or response read by a net/http client or server to have an empty Content-Length header.
Plain Text - Registered: Tue Apr 23 11:13:09 GMT 2024 - Last Modified: Tue Apr 16 17:29:58 GMT 2024 - 13.5K bytes - Viewed (0) -
guava/src/com/google/common/collect/AbstractBiMap.java
return true; } @Override public Iterator<Entry<K, V>> iterator() { return entrySetIterator(); } // See java.util.Collections.CheckedEntrySet for details on attacks. @Override public @Nullable Object[] toArray() { return standardToArray(); } @Override @SuppressWarnings("nullness") // bug in our checker's handling of toArray signatures
Java - Registered: Fri Apr 05 12:43:09 GMT 2024 - Last Modified: Thu Aug 24 01:40:03 GMT 2023 - 14.6K bytes - Viewed (0) -
CHANGELOG.md
``` * New: `Cookie.sameSite` determines whether cookies should be sent on cross-site requests. This is used by servers to defend against Cross-Site Request Forgery (CSRF) attacks. * New: Log the total time of the HTTP call in `HttpLoggingInterceptor`. * New: `OkHttpClient.Builder` now has APIs that use `kotlin.time.Duration`.
Plain Text - Registered: Fri Apr 26 11:42:10 GMT 2024 - Last Modified: Thu Apr 18 01:31:39 GMT 2024 - 21.4K bytes - Viewed (0) -
cmd/object-api-utils.go
} return o.DecryptedSize() } return o.Size, nil } // Disabling compression for encrypted enabled requests. // Using compression and encryption together enables room for side channel attacks. // Eliminate non-compressible objects by extensions/content-types. func isCompressible(header http.Header, object string) bool { globalCompressConfigMu.Lock() cfg := globalCompressConfig
Go - Registered: Sun Apr 21 19:28:08 GMT 2024 - Last Modified: Mon Mar 11 11:55:34 GMT 2024 - 35.6K bytes - Viewed (1)