Cut half of the cookie, the HMAC is enough

author: Runxi Yu <me@runxiyu.org> 2025-03-23 14:25:55 +0800
committer: Runxi Yu <me@runxiyu.org> 2025-03-23 14:31:19 +0800
commit: 079e9d2730c5429c2b31f75df9c4ff5b451f6efe (patch)
tree: c82c49bd06f35d453abe7330b458c2fa3948f0b4 /README.md
parent: Disable the readonly input box (diff)
download: powxy-079e9d2730c5429c2b31f75df9c4ff5b451f6efe.tar.gz
powxy-079e9d2730c5429c2b31f75df9c4ff5b451f6efe.tar.zst
powxy-079e9d2730c5429c2b31f75df9c4ff5b451f6efe.zip
1 files changed, 3 insertions, 3 deletions
diff --git a/README.md b/README.md
index 7dd075f..85fdfb8 100644
--- a/README.md
+++ b/README.md
@@ -62,9 +62,9 @@ Otherwise, the client is presented with a challenge, which asks them to find
 a nonce that, when appended to the identifier, results in a SHA-256 hash that
 begins with a certain number of zero bits. The client must solve the challenge
 and submit it through an HTML form, which is then validated by the proxy. If
-validation passes, the client is issued a cookie containing their identifier
-and its HMAC, and is redirected to request the page again, this time with the
-necessary cookie to pass the validation.
+validation passes, the client is issued a cookie containing their identifier's
+HMAC, and is redirected to request the page again, this time with the necessary
+cookie to pass the validation.
 
 JavaScript is provided to automatically solve the challenge without user
 interaction. Clients that do not run JavaScript need to solve the challenge
author	Runxi Yu <me@runxiyu.org>	2025-03-23 14:25:55 +0800
committer	Runxi Yu <me@runxiyu.org>	2025-03-23 14:31:19 +0800
commit	079e9d2730c5429c2b31f75df9c4ff5b451f6efe (patch)
tree	c82c49bd06f35d453abe7330b458c2fa3948f0b4 /README.md
parent	Disable the readonly input box (diff)
download	powxy-079e9d2730c5429c2b31f75df9c4ff5b451f6efe.tar.gz powxy-079e9d2730c5429c2b31f75df9c4ff5b451f6efe.tar.zst powxy-079e9d2730c5429c2b31f75df9c4ff5b451f6efe.zip