
Among other things, it’s almost certainly the case that the web server isn’t implementing a constant-time string comparison for the URL, which enables you to brute-force the value one character at a time.


Woah, that sounds interesting, do you have any links to share regarding that issue?
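
The issue raised in the first comment, sketched as an added example (not code from either commenter or from any particular web server): an early-exit comparison does work proportional to the matching prefix, while a digest comparison with `hmac.compare_digest` does not. `SECRET_PATH`, `authorize` and the other names are constructed for the illustration.

```python
import hashlib
import hmac

# Constructed sample value: a secret path component acting as an access token.
SECRET_PATH = "/share/9f3a7c21d4e8b605"


def early_exit_equal(a: str, b: str) -> tuple[bool, int]:
    """Byte-by-byte comparison that stops at the first mismatch.

    Returns (equal, bytes_examined). bytes_examined stands in for running
    time: it grows with the length of the matching prefix, which is the
    signal a non-constant-time comparison leaks.
    """
    x, y = a.encode(), b.encode()
    examined = 0
    for p, q in zip(x, y):
        examined += 1
        if p != q:
            return False, examined
    return len(x) == len(y), examined


def constant_time_equal(a: str, b: str) -> bool:
    """Compare fixed-length digests with hmac.compare_digest.

    Hashing first gives both inputs the same length, so the comparison
    time does not depend on where the first mismatching byte is.
    """
    da = hashlib.sha256(a.encode()).digest()
    db = hashlib.sha256(b.encode()).digest()
    return hmac.compare_digest(da, db)


def authorize(request_path: str) -> bool:
    """Hypothetical handler check: allow only the exact secret path."""
    return constant_time_equal(request_path, SECRET_PATH)
```
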



