Skip to content
This repository has been archived by the owner on Dec 12, 2024. It is now read-only.

Commit

Permalink
fix: prevent potential insecure randomness
Browse files Browse the repository at this point in the history
piquark6046 committed Nov 22, 2023

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
1 parent 5072fac commit 62c4b57
Showing 3 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "microshield",
"version": "3.10.0",
"version": "3.10.1",
"description": "",
"type": "module",
"scripts": {
2 changes: 1 addition & 1 deletion sources/banner.txt
Original file line number Diff line number Diff line change
@@ -8,7 +8,7 @@
// @downloadURL https://cdn.jsdelivr.net/gh/List-KR/microShield@latest/microShield.user.js
// @license Apache-2.0
//
// @version 3.10.0
// @version 3.10.1
// @author PiQuark6046 and contributors
//
// @match *://ad-shield.team/*
2 changes: 1 addition & 1 deletion sources/src/adshield-defuser-libs/ztinywave.ts
Original file line number Diff line number Diff line change
@@ -74,7 +74,7 @@ export const getKeys__Node__ = async (source: string) => {
}
});

const secret = Math.random().toString(36).slice(2);
const secret = (crypto.getRandomValues(new Uint32Array(1))[0] * crypto.getRandomValues(new Uint32Array(1))[0]).toString(36).slice(2);
const header = `const ${secret} = (id, source) => {
const el = document.createElement('code')
el.setAttribute('data-${secret}', id)

0 comments on commit 62c4b57

Please sign in to comment.