Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security issue. #22

Open
clockworkgr opened this issue Jan 3, 2019 · 4 comments
Open

Security issue. #22

clockworkgr opened this issue Jan 3, 2019 · 4 comments

Comments

@clockworkgr
Copy link

secure-ls/src/utils.js

Line 69 in b318562

s: this.encryptionSecret

Why in god's name is it necessary to store the encryptionSecret unencrypted?
@softvar
Copy link
Owner

softvar commented Jan 3, 2019

Users can encode it and use accordingly.
But I like your point of encrypting it before saving it as meta info in localStorage.

@softvar
Copy link
Owner

softvar commented Jan 3, 2019

Thanks for pointing this out. Will look into it.

@jas-
Copy link

jas- commented Jan 4, 2019
edited
Loading

Mentioned in #13

This was referenced Jan 11, 2019
Merged
Closed
konsultaner added a commit to konsultaner/secure-ls that referenced this issue Jan 18, 2019
@konsultaner
fixed softvar#22, softvar#15, added optimized linting, fixed readme f…
07e0f5b 
…or encryptionNamespace
@konsultaner
Copy link
Contributor

@jas- Could you review my PR as well to make sure I addressed everything?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jas- @konsultaner @softvar @clockworkgr