1 |
|
2 |
|
3 | function safeEqual (a, b) {
|
4 | if (typeof b !== 'string' || typeof b !== 'string') {
|
5 | return a === b
|
6 | }
|
7 |
|
8 | // xor strings for security
|
9 | var mismatch = 0
|
10 | for (var i = 0; i < a.length; ++i) {
|
11 | mismatch |= (a.charCodeAt(i) ^ b.charCodeAt(i))
|
12 |
|
13 | // check after for perf, we don't want to
|
14 | // re-enter the loop if we have a failure.
|
15 | if (mismatch > 0) {
|
16 | break
|
17 | }
|
18 | }
|
19 |
|
20 | return !mismatch
|
21 | }
|
22 |
|
23 | module.exports = safeEqual
|