react-secure-storage - npm Package Compare versions

Comparing version 1.0.22 to 1.1.0

dist/fingerprint.lib.js

@@ -43,3 +43,4 @@ "use strict";
       var canvasPrint = this.getCanvasPrint();
-      var key = userAgent + bar + screenPrint + bar + pluginList + bar + fontList + bar + localStorage + bar + sessionStorage + bar + timeZone + bar + language + bar + systemLanguage + bar + cookies + bar + canvasPrint;
+      var hostName = window.location.hostname;
+      var key = userAgent + bar + hostName + bar + screenPrint + bar + pluginList + bar + fontList + bar + localStorage + bar + sessionStorage + bar + timeZone + bar + language + bar + systemLanguage + bar + cookies + bar + canvasPrint;
       var seed = 256;
@@ -55,3 +56,4 @@ return (0, _murmurhash3_gc.default)(key, seed);
     value: function getScreenPrint() {
-      return "Current Resolution: " + this.getCurrentResolution() + ", Available Resolution: " + this.getAvailableResolution() + ", Color Depth: " + this.getColorDepth() + ", Device XDPI: " + this.getDeviceXDPI() + ", Device YDPI: " + this.getDeviceYDPI();
+      // "Current Resolution: " + this.getCurrentResolution() +", Available Resolution: " + this.getAvailableResolution() +
+      return "Color Depth: " + this.getColorDepth() + ", Device XDPI: " + this.getDeviceXDPI() + ", Device YDPI: " + this.getDeviceYDPI();
     } // Get Color Depth.  Return a string containing the color depth.
@@ -58,0 +60,0 @@

package.json

 {
   "name": "react-secure-storage",
-  "version": "1.0.22",
+  "version": "1.1.0",
   "description": "This libraries is used to securely store data in local storage",
@@ -5,0 +5,0 @@ "author": "Sushin Pv",

README.md

@@ -106,4 +106,10 @@ [![npm](https://img.shields.io/npm/v/react-secure-storage.svg)](https://www.npmjs.com/package/react-secure-storage) [![downloads](https://img.shields.io/npm/dm/react-secure-storage.svg)](http://npm-stat.com/charts.html?package=react-secure-storage)
 
-## Whats new ?
+## Whats new in 1.1.0?
 
+Secure token returning null when the browser resizes problem was fixed. This was previously included as a security feature, but in the most recent update, it was removed. This was covered in the ensuing issue: https://github.com/sushinpv/react-secure-storage/issues/9
+
+Now that we have included the browser hostname while establishing the secure key, it is more unique. This will guarantee that each website's key is distinct.
+
+## Whats new | Previous?
+
 Added support for updating Local Storage prefix, Now this can be updated using .env
@@ -121,2 +127,9 @@
 
-For local testing the library make sure you are installing the `react-scripts` by using `npm i react-scripts` or `yarn add react-scripts`
+## How do I test this library on my local system & How do I contribute ?
+
+For local testing the library make sure you are installing the `react-scripts` by using `npm i react-scripts` or `yarn add react-scripts`. 
+The react-scripts is removed due to vulnerability issue which is highlighted in here : https://github.com/sushinpv/react-secure-storage/issues/3
+
+To contribute on the library, make sure you are creating a development branch for your fix as `dev/{feature/fix}` and create a PR to master branch.
+
+Before creating the PR, Please make sure to remove the `react-scripts` from the `package.json`. and you are creating a production build for the library by running `yarn build:lib`

src/lib/fingerprint.lib.ts

@@ -24,4 +24,5 @@ import murmurhash3_32_gc from "murmurhash-js/murmurhash3_gc";
     let canvasPrint = this.getCanvasPrint();
+    let hostName = window.location.hostname;
 
-    let key = userAgent + bar + screenPrint + bar + pluginList + bar + fontList + bar + localStorage + bar + sessionStorage + bar + timeZone + bar + language + bar + systemLanguage + bar + cookies + bar + canvasPrint;
+    let key = userAgent + bar + hostName + bar + screenPrint + bar + pluginList + bar + fontList + bar + localStorage + bar + sessionStorage + bar + timeZone + bar + language + bar + systemLanguage + bar + cookies + bar + canvasPrint;
     let seed = 256;
@@ -38,3 +39,4 @@
   getScreenPrint() {
-    return "Current Resolution: " + this.getCurrentResolution() + ", Available Resolution: " + this.getAvailableResolution() + ", Color Depth: " + this.getColorDepth() + ", Device XDPI: " + this.getDeviceXDPI() + ", Device YDPI: " + this.getDeviceYDPI();
+    // "Current Resolution: " + this.getCurrentResolution() +", Available Resolution: " + this.getAvailableResolution() +
+    return "Color Depth: " + this.getColorDepth() + ", Device XDPI: " + this.getDeviceXDPI() + ", Device YDPI: " + this.getDeviceYDPI();
   }
@@ -41,0 +43,0 @@

No alert changes

Improved metrics

Total package byte prevSize

78719

increased by1.48%

Lines of code

1285

increased by0.31%

Number of lines in readme file

134

increased by10.74%

No dependency changes