module ActiveSupport::SecurityUtils
def secure_compare(a, b)
the secret length. This should be considered when using secure_compare
a secret compared via secure_compare, it is possible to determine
While a timing attack would not be able to discern the content of
Secure string comparison for strings of variable length.
def secure_compare(a, b) a.bytesize == b.bytesize && fixed_length_secure_compare(a, b) end