csrf - npm Package Compare versions

Comparing version 2.0.6 to 2.0.7

HISTORY.md

@@ -0,1 +1,6 @@
+2.0.7 / 2015-05-03
+==================
+
+  * Fix compatibility with `crypto.DEFAULT_ENCODING` global changes
+
 2.0.6 / 2015-02-13
@@ -2,0 +7,0 @@ ==================

index.js

 
+/**
+ * Module dependencies.
+ */
+
 var rndm = require('rndm')
@@ -8,3 +12,8 @@ var scmp = require('scmp')
 
+/**
+ * Module exports.
+ */
+
 module.exports = csrfTokens
+module.exports.tokenize = tokenize
 
@@ -65,10 +74,8 @@ function csrfTokens(options) {
 
-csrfTokens.tokenize = function tokenize(secret, salt) {
+function tokenize(secret, salt) {
   var hash = escape(crypto
     .createHash('sha1')
-    .update(salt)
-    .update('-')
-    .update(secret)
+    .update(salt + '-' + secret, 'ascii')
     .digest('base64'))
   return salt + '-' + hash
 }

package.json

 {
   "name": "csrf",
   "description": "primary logic behind csrf tokens",
-  "version": "2.0.6",
+  "version": "2.0.7",
   "author": "Jonathan Ong <me@jongleberry.com> (http://jongleberry.com)",
@@ -18,5 +18,5 @@ "contributors": [
   "devDependencies": {
-    "bluebird": "~2.9.4",
-    "istanbul": "0.3.5",
-    "mocha": "~2.1.0"
+    "bluebird": "2.9.23",
+    "istanbul": "0.3.9",
+    "mocha": "~2.2.4"
   },
@@ -23,0 +23,0 @@ "files": [

README.md

@@ -31,5 +31,5 @@ # CSRF
 
-- `secretLength: 24` - the byte length of the secret key
+- `secretLength: 18` - the byte length of the secret key
 - `saltLength: 8` - the string length of the salt
-- `tokensize: (secret, salt) => token` - a custom token creation function
+- `tokenize: (secret, salt) => token` - a custom token creation function
 
@@ -70,11 +70,11 @@ #### csrf.secret([cb])
 
-[npm-image]: https://img.shields.io/npm/v/csrf.svg?style=flat
+[npm-image]: https://img.shields.io/npm/v/csrf.svg
 [npm-url]: https://npmjs.org/package/csrf
-[node-image]: https://img.shields.io/node/v/csrf.svg?style=flat
+[node-image]: https://img.shields.io/node/v/csrf.svg
 [node-url]: http://nodejs.org/download/
-[travis-image]: https://img.shields.io/travis/pillarjs/csrf.svg?style=flat
+[travis-image]: https://img.shields.io/travis/pillarjs/csrf/master.svg
 [travis-url]: https://travis-ci.org/pillarjs/csrf
-[coveralls-image]: https://img.shields.io/coveralls/pillarjs/csrf.svg?style=flat
+[coveralls-image]: https://img.shields.io/coveralls/pillarjs/csrf/master.svg
 [coveralls-url]: https://coveralls.io/r/pillarjs/csrf?branch=master
-[downloads-image]: https://img.shields.io/npm/dm/csrf.svg?style=flat
+[downloads-image]: https://img.shields.io/npm/dm/csrf.svg
 [downloads-url]: https://npmjs.org/package/csrf

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

7043

increased by1.84%

Lines of code

62

increased by8.77%

No dependency changes