Closed Bug 975214 Opened 6 years ago Closed 6 years ago
"Disable" Hawk timestamp and nonce checking
(copy of https://github.com/mozilla/fxa-auth-server/issues/578) This isn't buying us that much and there's reason to believe it's causing failures and retries. Let's put it in "warn" mode for now and measure what's going on: Set the time window to something large, e.g., 20 years Disable the nonce replay checks Log all timestamp deltas so we can build a distribution of these deltas
This is relevant to my interests. Please subscribe me to your newsletter.
This patch creates a PermissiveNonceCache class that will not actually check the timestamps or nonces, just log them if they seem to be too highly skewed.
Attachment #8379456 - Flags: review?(telliott)
Attachment #8379456 - Flags: review?(telliott) → review+
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Any QA required here or just a code fix verification?
Code fix verification fine here, additional verification discussion in Bug 975001
Verified in code.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.