OCram85/code-server
Archived
1
0
Fork 0
Code Pull Requests 2 Activity

Hash password

Browse Source 
Fixes issues with unexpected characters breaking things when setting the
cookie (like semicolons).

This change as-is does not affect the security of code-server
itself (we've just replaced the static password with a static hash) but
if we were to add a salt in the future it would let us invalidate keys
by rehashing with a new salt which could be handy.
This commit is contained in:
Asher
2019-11-07 15:43:10 -06:00
parent a1d6bcb8e5
commit 2018024810
2 changed files with 25 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/node/util.ts
View File

@ -67,6 +67,10 @@ export const generatePassword = async (length: number = 24): Promise<string> =>
return buffer.toString("hex").substring(0, length);
};
export const hash = (str: string): string => {
return crypto.createHash("sha256").update(str).digest("hex");
};
export const getMediaMime = (filePath?: string): string => {
return filePath && (vsGetMediaMime(filePath) || (<{[index: string]: string}>{
".css": "text/css",