From 079e9d2730c5429c2b31f75df9c4ff5b451f6efe Mon Sep 17 00:00:00 2001 From: Runxi Yu Date: Sun, 23 Mar 2025 14:25:55 +0800 Subject: Cut half of the cookie, the HMAC is enough --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'README.md') diff --git a/README.md b/README.md index 7dd075f..85fdfb8 100644 --- a/README.md +++ b/README.md @@ -62,9 +62,9 @@ Otherwise, the client is presented with a challenge, which asks them to find a nonce that, when appended to the identifier, results in a SHA-256 hash that begins with a certain number of zero bits. The client must solve the challenge and submit it through an HTML form, which is then validated by the proxy. If -validation passes, the client is issued a cookie containing their identifier -and its HMAC, and is redirected to request the page again, this time with the -necessary cookie to pass the validation. +validation passes, the client is issued a cookie containing their identifier's +HMAC, and is redirected to request the page again, this time with the necessary +cookie to pass the validation. JavaScript is provided to automatically solve the challenge without user interaction. Clients that do not run JavaScript need to solve the challenge -- cgit v1.2.3