- Sort Score
- Result 10 results
- Languages All
Results 1 - 3 of 3 for or (0.11 sec)
-
docs/zh/docs/advanced/security/http-basic-auth.md
{!../../../docs_src/security/tutorial007.py!} ``` 这段代码确保 `credentials.username` 是 `"stanleyjobson"`,且 `credentials.password` 是`"swordfish"`。与以下代码类似: ```Python if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"): # Return some error ... ``` 但使用 `secrets.compare_digest()`,可以防御**时差攻击**,更加安全。 ### 时差攻击 什么是**时差攻击**? 假设攻击者试图猜出用户名与密码。
Plain Text - Registered: Sun May 05 07:19:11 GMT 2024 - Last Modified: Sat Mar 30 22:43:48 GMT 2024 - 3.9K bytes - Viewed (0) -
docs/de/docs/advanced/security/http-basic-auth.md
#### Die Zeit zum Antworten hilft den Angreifern Wenn die Angreifer zu diesem Zeitpunkt feststellen, dass der Server einige Mikrosekunden länger braucht, um die Antwort „Incorrect username or password“ zu senden, wissen sie, dass sie _etwas_ richtig gemacht haben, einige der Anfangsbuchstaben waren richtig.
Plain Text - Registered: Sun May 05 07:19:11 GMT 2024 - Last Modified: Sat Mar 30 20:28:08 GMT 2024 - 6.9K bytes - Viewed (0) -
docs/en/docs/advanced/security/http-basic-auth.md
Plain Text - Registered: Sun May 05 07:19:11 GMT 2024 - Last Modified: Thu Jan 11 14:33:05 GMT 2024 - 5.9K bytes - Viewed (0)