From bfd4d5ab18d32697ff0481fbd0793a5d7eb5c518 Mon Sep 17 00:00:00 2001
From: kim <grufwub@gmail.com>
Date: Wed, 23 Apr 2025 12:53:36 +0100
Subject: [PATCH] remove cookie length check , constant time compare handles
 this

---
 internal/middleware/nollamas.go | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/internal/middleware/nollamas.go b/internal/middleware/nollamas.go
index eb4b5f925..bb2750a24 100644
--- a/internal/middleware/nollamas.go
+++ b/internal/middleware/nollamas.go
@@ -125,14 +125,6 @@ func (m *nollamas) Serve(c *gin.Context) {
 
 	// Check for a provided success token.
 	cookie, _ := c.Cookie("gts-nollamas")
-	if len(cookie) > encodedHashLen {
-
-		// Clearly invalid cookie, just
-		// present them with new challenge.
-		l.Warn("invalid cookie provided")
-		m.renderChallenge(c, challenge)
-		return
-	}
 
 	// Check whether passed cookie
 	// is the expected success token.