remove bad test

simonLeary42 · simonLeary42 · commit 9e9954ca3b1a · 2025-12-12T12:50:49.000-05:00
diff --git a/test/unit/CSRFTokenTest.php b/test/unit/CSRFTokenTest.php
@@ -58,15 +58,6 @@ public function testValidateWithoutSessionToken(): void
         $this->assertFalse(CSRFToken::validate("any_token"));
     }
 
-    public function testValidateUsesConstantTimeComparison(): void
-    {
-        $token = CSRFToken::generate();
-        $invalidToken = substr($token, 0, -1) . ($token[-1] === "a" ? "b" : "a");
-        $this->assertFalse(CSRFToken::validate($invalidToken));
-        $this->assertTrue(CSRFToken::validate($token));
-        $this->assertTrue($_SESSION["csrf_tokens"][$token]);
-    }
-
     public function testClearRemovesToken(): void
     {
         CSRFToken::generate();
