diff options
| author | robocoder <anthon.pang@gmail.com> | 2010-03-24 17:32:50 +0300 |
|---|---|---|
| committer | robocoder <anthon.pang@gmail.com> | 2010-03-24 17:32:50 +0300 |
| commit | 0560f3f330ac55eeed480246a8157d1c13118843 (patch) | |
| tree | 4525a4a29ef527683a0cef2ef2cf0904d255bd3b /core/Nonce.php | |
| parent | 78cae640614290a679fa523483b5926a80db65a4 (diff) | |
update phpdoc comments
git-svn-id: http://dev.piwik.org/svn/trunk@1986 59fd770c-687e-43c8-a1e3-f5a4ff64c105
Diffstat (limited to 'core/Nonce.php')
| -rw-r--r-- | core/Nonce.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/core/Nonce.php b/core/Nonce.php index 44d67195f7..632ed55b07 100644 --- a/core/Nonce.php +++ b/core/Nonce.php @@ -16,7 +16,7 @@ * A cryptographic nonce -- "number used only once" -- is often recommended as part of a robust defense against cross-site request forgery (CSRF/XSRF). * Desrable characteristics: limited lifetime, uniqueness, unpredictability (pseudo-randomness). * - * We use a session-dependent nonce with a configurable expiration that comines and hashes: + * We use a session-dependent nonce with a configurable expiration that combines and hashes: * - a private salt because it's non-public * - time() because it's unique * - a mix of PRNGs (pseudo-random number generators) to increase entropy and make it less predictable |