by YaBa 723 days ago
I've made a few changes in my software, use Base64 instead of numerical values, now I'm getting the following error: "Nonce must be 1-64 characters long and consist only of Base64 characters"

Which is really odd, since my string has only 51 chars and all chars are valid within the Base64 group.

If I remove the padding ("=") then it's good to go, however, there is a string in the scoreboard with "=" in it (garethgeorge/AHQAAAHPe0Q=)

Did the user bypass the JavaScript check using curl or something?

Also, this could use some adjustments:

    const nonceRegex = /^[A-Za-z0-9+/]{1,64}$/;
    if (!nonceRegex.test(nonce)) {
        alert('Nonce must be 1-64 characters long and consist only of Base64 characters');
        return false;
    }

Personally, I would use:

    const nonceRegex = /^[A-Za-z0-9+/]{1,64}(={0,2})$/;
1 comment

The site owner changed equals from accidentally-allowed to forbidden, but left any existing solutions using it. See comment and reply here: https://news.ycombinator.com/item?id=40724707
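
A side-by-side of the check quoted in the post, the regex the post suggests, and a stricter padded form, as an added example that is not the site's code and not part of the thread. The names `compareChecks`, `isStrictPaddedNonce` and `paddedShape` and the samples marked "constructed" are assumptions; the run shows that the suggested pattern accepts up to 66 characters and padding on strings whose length is not a multiple of 4.

```javascript
// Added example, not the site's code. Helper names and constructed samples are assumptions.

// Check quoted in the post: 1-64 Base64-alphabet characters, '=' rejected.
const siteRegex = /^[A-Za-z0-9+/]{1,64}$/;
// Regex suggested in the post: same body, then up to two '='.
const suggestedRegex = /^[A-Za-z0-9+/]{1,64}(={0,2})$/;
// Well-formed padded Base64: whole 4-char groups, '=' only in the last group.
const paddedShape = /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$/;

// Strict variant: the 64-character limit counts the padding too.
function isStrictPaddedNonce(nonce) {
  return typeof nonce === 'string' &&
    nonce.length >= 1 && nonce.length <= 64 &&
    paddedShape.test(nonce);
}

// Run all three checks on one candidate. Pure function, so the same code
// can back a browser-side hint and a server-side decision.
function compareChecks(nonce) {
  return {
    site: siteRegex.test(nonce),
    suggested: suggestedRegex.test(nonce),
    strict: isStrictPaddedNonce(nonce),
  };
}

const samples = [
  'AHQAAAHPe0Q=',         // nonce part of the scoreboard entry quoted in the post
  'AAAA',                 // constructed: unpadded, whole groups
  'AAAAA=',               // constructed: '=' present, length not a multiple of 4
  'A'.repeat(64) + '==',  // constructed: 66 characters in total
  'AAA=AAA=',             // constructed: '=' in the middle
];
for (const s of samples) {
  console.log(s.length, JSON.stringify(compareChecks(s)), s);
}
```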