pyramid/session.py | ●●●●● patch | view | raw | blame | history |
pyramid/session.py
@@ -244,8 +244,8 @@ sig = hmac.new(secret, pickled, sha1).hexdigest() # Avoid timing attacks (note that this is cadged from Pylons and I # have no idea what it means) # Avoid timing attacks (see # http://seb.dbzteam.org/crypto/python-oauth-timing-hmac.pdf) if len(sig) != len(input_sig): raise ValueError('Wrong signature length')