support hypercorn server_names against dns rebind attacks, add cookie sessions to flash messages
This commit is contained in:
@ -339,7 +339,7 @@ class Hub:
|
||||
await trio.sleep_forever()
|
||||
|
||||
def _calc_authentication(self, ssl_binding: bytes, server_side: bool) -> bytes:
|
||||
m = hmac.new(self._config.secret.encode('utf8'), digestmod=hashlib.sha256)
|
||||
m = hmac.new(self._config.comm_secret.encode('utf8'), digestmod=hashlib.sha256)
|
||||
if server_side:
|
||||
m.update(b'server$')
|
||||
else:
|
||||
|
Reference in New Issue
Block a user