1 |
|
2 |
|
3 | function safeEqual (a, b) {
|
4 | if (typeof a !== 'string' || typeof b !== 'string') {
|
5 | return a === b
|
6 | }
|
7 |
|
8 | var maxLength = Math.max(a.length, b.length)
|
9 |
|
10 | // xor strings for security
|
11 | var mismatch = 0
|
12 | for (var i = 0; i < maxLength; ++i) {
|
13 | mismatch |= (a.charCodeAt(i) ^ b.charCodeAt(i))
|
14 |
|
15 | // check after for perf, we don't want to
|
16 | // re-enter the loop if we have a failure.
|
17 | if (mismatch > 0) {
|
18 | break
|
19 | }
|
20 | }
|
21 |
|
22 | return !mismatch
|
23 | }
|
24 |
|
25 | module.exports = safeEqual
|