- marked as minor
- edited description
SRP6JavascriptServerSession should free its variables
Issue #4
new
SRP6JavascriptServerSession is intended to be a temporary object for authentication. Someone may leave it in the session or in the database post authentication accidently. Or they may hold onto it deliberately in case they want to use the session key at a later point post authentication. At the moment the session object will hold onto all the intermediate calculation results used to perform the authentication. Instead it should delete the intermediate state as soon as possible to keep the memory footprint down.
Comments (1)
-
reporter - Log in to comment
Good first issue if someone wants to send a PR