sophie/nuke
1
0
Fork 0
Code Packages 1 Activity Actions

fix(algorithms/fast): fix fast challenge on insecure contexts (#1198)

Browse source 
* fix(algorithms/fast): fix fast challenge on insecure contexts

Closes #1192

Signed-off-by: Xe Iaso <me@xeiaso.net>

* docs: update CHANGELOG

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
This commit is contained in:
Xe Iaso 2025-10-17 19:32:24 -04:00 committed by GitHub
parent 00261d049e
commit 25d677cbba
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 8 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

1
docs/docs/CHANGELOG.md
View file

@ -22,6 +22,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Document missing environment variables in installation guide: `SLOG_LEVEL`, `COOKIE_PREFIX`, `FORCED_LANGUAGE`, and `TARGET_DISABLE_KEEPALIVE` ([#1086](https://github.com/TecharoHQ/anubis/pull/1086)).
- Add validation warning when persistent storage is used without setting signing keys.
- Fixed `robots2policy` to properly group consecutive user agents into `any:` instead of only processing the last one ([#925](https://github.com/TecharoHQ/anubis/pull/925)).
- Make the `fast` algorithm prefer purejs when running in an insecure context.
- Add the [`s3api` storage backend](./admin/policies.mdx#s3api) to allow Anubis to use S3 API compatible object storage as its storage backend.
- Fix a "stutter" in the cookie name prefix so the auth cookie is named `techaro.lol-anubis-auth` instead of `techaro.lol-anubis-auth-auth`.
- Make `cmd/containerbuild` support commas for separating elements of the `--docker-tags` argument as well as newlines.

9
web/js/algorithms/fast.ts
View file

@ -18,7 +18,12 @@ export default function process(
): Promise<string> {
console.debug("fast algo");
let workerMethod = window.crypto !== undefined ? "webcrypto" : "purejs";
// Choose worker based on secure context.
// Use the WebCrypto worker if the page is a secure context; otherwise fall back to pureJS.
let workerMethod: "webcrypto" | "purejs" = "purejs";
if (window.isSecureContext) {
workerMethod = "webcrypto";
}
if (navigator.userAgent.includes("Firefox") || navigator.userAgent.includes("Goanna")) {
console.log("Firefox detected, using pure-JS fallback");
@ -82,4 +87,4 @@ export default function process(
workers.push(worker);
}
});
}
}