Move from byteable to memory

2019-02-19 03:58:31 +02:00 · 2019-02-19 03:58:31 +02:00 · e5cc9987ae
commit e5cc9987ae
parent b1e718397b
2 changed files with 4 additions and 4 deletions
--- a/yesod-core/Yesod/Core/Handler.hs
+++ b/yesod-core/Yesod/Core/Handler.hs
@ -228,7 +228,7 @@ import qualified Data.ByteString.Lazy          as L
 import qualified Data.Map                      as Map
 import qualified Data.HashMap.Strict           as HM

-import           Data.Byteable                 (constEqBytes)
+import           Data.ByteArray                (constEq)

 import           Control.Arrow                 ((***))
 import qualified Data.ByteString.Char8         as S8
@ -1648,8 +1648,8 @@ checkCsrfHeaderOrParam headerName paramName = do
    permissionDenied errorMessage

 validCsrf :: Maybe Text -> Maybe S.ByteString -> Bool
-- It's important to use constant-time comparison (constEqBytes) in order to avoid timing attacks.
-validCsrf (Just token) (Just param) = encodeUtf8 token `constEqBytes` param
+-- It's important to use constant-time comparison (constEq) in order to avoid timing attacks.
+validCsrf (Just token) (Just param) = encodeUtf8 token `constEq` param
 validCsrf Nothing            _param = True
 validCsrf (Just _token)     Nothing = False

--- a/yesod-core/yesod-core.cabal
+++ b/yesod-core/yesod-core.cabal
@ -27,7 +27,6 @@ library
                   , auto-update
                   , blaze-html            >= 0.5
                   , blaze-markup          >= 0.7.1
-                   , byteable
                   , bytestring            >= 0.10.2
                   , case-insensitive      >= 0.2
                   , cereal                >= 0.3
@ -39,6 +38,7 @@ library
                   , deepseq               >= 1.3
                   , fast-logger           >= 2.2
                   , http-types            >= 0.7
+                   , memory
                   , monad-logger          >= 0.3.10   && < 0.4
                   , mtl
                   , parsec                >= 2        && < 3.2