add special handling for capability URLs #11
Description
capability URLs should be processed by a dedicated handler which does constant-time comparison on the "secret" part of the URL
{{ message }}
capability URLs should be processed by a dedicated handler which does constant-time comparison on the "secret" part of the URL