diff options
| author | Moonchild <moonchild@palemoon.org> | 2022-03-10 13:27:05 +0000 |
|---|---|---|
| committer | Moonchild <moonchild@palemoon.org> | 2022-03-21 13:26:05 +0000 |
| commit | f5f6f9c18b1f32b50c4b6f02c873c749b73316fc (patch) | |
| tree | 130560f9f0deaac9b3fe6647c9eaba9bb38fb3d8 /components | |
| parent | 8242a1dab8b8c321563288d81a71569d99371871 (diff) | |
| download | aura-central-f5f6f9c18b1f32b50c4b6f02c873c749b73316fc.tar.gz | |
[addons] Require SHA-256 or stronger hashes for addon updates.
Diffstat (limited to 'components')
| -rw-r--r-- | components/addons/src/AddonUpdateChecker.jsm | 8 |
1 files changed, 2 insertions, 6 deletions
diff --git a/components/addons/src/AddonUpdateChecker.jsm b/components/addons/src/AddonUpdateChecker.jsm index 4a8e0f3e7..112f4a1ff 100644 --- a/components/addons/src/AddonUpdateChecker.jsm +++ b/components/addons/src/AddonUpdateChecker.jsm @@ -425,9 +425,7 @@ function parseRDFManifest(aId, aUpdateKey, aRequest, aManifestData) { targetApplications: [appEntry] }; - // The JSON update protocol requires an SHA-2 hash. RDF still - // supports SHA-1, for compatibility reasons. - sanitizeUpdateURL(result, aRequest, /^sha/, "sha1 or stronger"); + sanitizeUpdateURL(result, aRequest, /^sha(256|384|512):/, "sha256 or stronger required"); results.push(result); } @@ -580,9 +578,7 @@ function parseJSONManifest(aId, aUpdateKey, aRequest, aManifestData) { targetApplications: [appEntry], }; - // The JSON update protocol requires an SHA-2 hash. RDF still - // supports SHA-1, for compatibility reasons. - sanitizeUpdateURL(result, aRequest, /^sha(256|512):/, "sha256 or sha512"); + sanitizeUpdateURL(result, aRequest, /^sha(256|384|512):/, "sha256 or stronger required"); results.push(result); } |