mirror of
https://github.com/vector-im/hydrogen-web.git
synced 2024-12-23 03:25:12 +01:00
comment to explain replay attack better
This commit is contained in:
parent
a33200d926
commit
a536ea7742
@ -47,6 +47,10 @@ export class DecryptionChanges {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// need to handle replay attack because
|
||||||
|
// if we redecrypted the same message twice and showed it again
|
||||||
|
// then it could be a malicious server admin replaying the word “yes”
|
||||||
|
// to make you respond to a msg you didn’t say “yes” to, or something
|
||||||
async _handleReplayAttack(roomId, replayEntry, txn) {
|
async _handleReplayAttack(roomId, replayEntry, txn) {
|
||||||
const {messageIndex, sessionId, eventId, timestamp} = replayEntry;
|
const {messageIndex, sessionId, eventId, timestamp} = replayEntry;
|
||||||
const decryption = await txn.groupSessionDecryptions.get(roomId, sessionId, messageIndex);
|
const decryption = await txn.groupSessionDecryptions.get(roomId, sessionId, messageIndex);
|
||||||
|
Loading…
Reference in New Issue
Block a user