I don't know why sha1 is used at line 42 in http://ift.tt/1Nl5CN8
At line 42 in index.js you can see
return sha1(mac) == sha1(val) ? str : false;
I've tried changing it to
return mac == val ? str : false;
And it seems that the sign and unsign functions still work correctly.
What is the reason to use sha1 here? Is it a kind of security issue? Is sha1 necessary here?
Aucun commentaire:
Enregistrer un commentaire