Genie Discord forum
Is there possibility of hash collision in case of generation of session cookies and websocket? If yes, how to handle such type of cases.
what do you mean by websocket id? Client Id?
In websocket, when a client is subscribing, the ws client information is hashed and put into a dictionary (Dict) keeping the hash as key, but is the any possibility of hashs of two different ws clients being same(hash collision) and second one replacing the first one in the dictionary. These may lead to faulty identification of the second one as first one making an security issue.
Similarly, when producing new session id with id(), it is not checked whether the id already exists or not. Is there possibility of collision here?
Here by websocket id I mean clients id, the hash of the ws clients information.
hash collisions are very rare unless you have too many records. But I will look into this. Can you open a Github issue with the explanation on Genie.jl so this doesn't get lost?