mirror of
https://github.com/meteor/meteor.git
synced 2026-05-02 03:01:46 -04:00
83af2e2179
Have `OAuthEncryption.open` throw "decryption unsuccessful" on any
error to avoid allowing an attacker to break the encryption key by
observing the result of sending manipulated ciphertexts.
Add oauth-encryption and the oauthSecretKey config options to the docs
page.
Update history.
More documentation on functions.
Use `OAuth.sealSecret(...)` instead of `{seal: ...}`.
Rename OAuth._openSecret(s) to OAuth.openSecret(s).
In the readme describing how to generate a key, just use Node instead
of going through the hassle of creating a Meteor application.
Have the `oauth` package weakly depend on `oauth-encryption` for when
it's being used without accounts.
Add tips on using oauth-encryption without accounts to the readme.
4 lines
41 B
JavaScript
4 lines
41 B
JavaScript
// XXX COMPAT WITH 0.8.0
|
|
|
|
Oauth = OAuth;
|