Skip to content

Commit

Permalink
[TASK] Don't hash local storage fingerprints
Browse files Browse the repository at this point in the history 
Local storage fingerprint values are already deterministic,
they don't require the extra uniqueness factor.

Related: https://projekte.in2code.de/issues/67221
  • Loading branch information
@pixeldesu
pixeldesu committed Oct 15, 2024
1 parent 884e832 commit 50e33ab
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 2 deletions.
4 changes: 3 additions & 1 deletion Classes/Domain/Model/Fingerprint.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,8 +52,10 @@ public function setValue(string $value): self
}
if (strlen($value) === 33) {
$this->setType(self::TYPE_STORAGE);
$this->value = $value;
} else {
$this->value = hash('sha256', $value . IpUtility::getIpAddress());
}
$this->value = hash('sha256', $value . IpUtility::getIpAddress());
return $this;
}

Expand Down
17 changes: 16 additions & 1 deletion Tests/Unit/Domain/Model/FingerprintTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ public function testAssertSameHashesWithSameIps(): void
public function testAssertDifferentHashesWithDifferentIps(): void
{
$fingerprint = new Fingerprint();
$identifier = bin2hex(random_bytes(16));
$identifier = random_bytes(32);

GeneralUtility::setIndpEnv('REMOTE_ADDR', '192.168.178.1');
$fingerprint->setValue($identifier);
Expand All @@ -74,4 +74,19 @@ public function testAssertDifferentHashesWithDifferentIps(): void

self::assertNotEquals($value1, $value2);
}

/**
* @return void
* @covers ::setValue
*/
public function testAssertNoHashingForStorageType(): void
{
$fingerprint = new Fingerprint();
$identifier = random_bytes(33);

$fingerprint->setValue($identifier);
$value = $fingerprint->getValue();

self::assertEquals($identifier, $value);
}
}

0 comments on commit 50e33ab

Please sign in to comment.