1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
Description: Drop secure-compare dependency
Author: sandra uwah <sandrauwah282@gmail.com>
Forwarded: not-needed
--- a/lib/http-server.js
+++ b/lib/http-server.js
@@ -5,8 +5,7 @@
httpServerCore = require('./core'),
auth = require('basic-auth'),
httpProxy = require('http-proxy'),
- corser = require('corser'),
- secureCompare = require('secure-compare');
+ corser = require('corser');
//
// Remark: backwards compatibility for previous
@@ -22,6 +21,17 @@
return new HttpServer(options);
};
+function compare (a, b) {
+ var mismatch = a.length === b.length ? 0 : 1;
+ if (mismatch) {
+ b = a;
+ };
+ for (var i = 0, il = a.length; i < il; ++i) {
+ mismatch |= (a.charCodeAt(i) ^ b.charCodeAt(i));
+ }
+ return mismatch === 0;
+};
+
/**
* Constructor function for the HttpServer object
* which is responsible for serving static files along
@@ -85,8 +95,8 @@
if (credentials) {
// if credentials is defined, name and pass are guaranteed to be string
// type
- var usernameEqual = secureCompare(options.username.toString(), credentials.name);
- var passwordEqual = secureCompare(options.password.toString(), credentials.pass);
+ var usernameEqual = compare(options.username.toString(), credentials.name);
+ var passwordEqual = compare(options.password.toString(), credentials.pass);
if (usernameEqual && passwordEqual) {
return res.emit('next');
}
|
