We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 0ef9aec commit afce130Copy full SHA for afce130
web/components/SsoButton.ce.vue
@@ -49,8 +49,9 @@ const getStateToken = (): string | null => {
49
};
50
51
const generateStateToken = (): string => {
52
- const state =
53
- Math.random().toString(36).substring(2, 15) + Math.random().toString(36).substring(2, 15);
+ const array = new Uint8Array(32);
+ window.crypto.getRandomValues(array);
54
+ const state = Array.from(array, byte => byte.toString(16).padStart(2, '0')).join('');
55
sessionStorage.setItem('sso_state', state);
56
return state;
57
0 commit comments