secure-ls icon indicating copy to clipboard operation
secure-ls copied to clipboard

Published 20 hours ago verified publisher icon softvar

Security issue.

Open clockworkgr opened this issue 6 years ago • 4 comments

https://github.com/softvar/secure-ls/blob/b318562e3dc5726ae8c3295883a302e7bbca2796/src/utils.js#L69

Why in god's name is it necessary to store the encryptionSecret unencrypted?

clockworkgr avatar Jan 03 '19 11:01 clockworkgr

Users can encode it and use accordingly. But I like your point of encrypting it before saving it as meta info in localStorage.

softvar avatar Jan 03 '19 18:01 softvar

Thanks for pointing this out. Will look into it.

softvar avatar Jan 03 '19 18:01 softvar

Mentioned in #13

jas- avatar Jan 04 '19 10:01 jas-

@jas- Could you review my PR as well to make sure I addressed everything?

konsultaner avatar Jan 18 '19 14:01 konsultaner