Since T78449 generateRandomSessionId tries to use crypto.getRandomValues(), but it tests only the existence of window.crypto. At least in Firefox window.crypto exists longer (as non-standard implementation, at least since FF16) than crypto.getRandomValues() (starting with FF21). The implementation for generateRandomSessionId should check not only window.crypto, but also crypto.getRandomValues before calling it to avoid this error, even though this only affects old browsers.
Description
Description
Details
Details
Subject | Repo | Branch | Lines +/- | |
---|---|---|---|---|
mediawiki.user: Check crypto.getRandomValues before use | mediawiki/core | master | +1 -1 |
Related Objects
Related Objects
Event Timeline
Comment Actions
Change 194156 had a related patch set uploaded (by Umherirrender):
Check crypto.getRandomValues in mw.user.js before use
Comment Actions
Change 194156 merged by jenkins-bot:
mediawiki.user: Check crypto.getRandomValues before use