diff options
Diffstat (limited to 'securecookie.go')
| -rw-r--r-- | securecookie.go | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/securecookie.go b/securecookie.go index 99be197..a4e0770 100644 --- a/securecookie.go +++ b/securecookie.go @@ -183,6 +183,9 @@ func (s *SecureCookie) Decode(name, value string, dst interface{}) error { // setErr saves the error only if there was no previous error. // Otherwise retErr would be overwritten by subsequent errors. + // This is used so that a nearly-same codepath is taken on each + // decode to help reduce the possibility of timing attacks. + // See #15 for details. setErr := func(err error) { if retErr == nil { retErr = err |