From c8c77e4df01b0118dc60bfb4d0eb21d5b703809b Mon Sep 17 00:00:00 2001 From: Max Schmitt Date: Mon, 31 May 2021 15:47:14 -0700 Subject: [PATCH] docs: use sha256 for exposeFunction everywhere (#6805) --- docs/src/api/class-browsercontext.md | 39 +++++++++++++--------------- docs/src/api/class-page.md | 36 ++++++++++++------------- types/types.d.ts | 12 ++++----- 3 files changed, 41 insertions(+), 46 deletions(-) diff --git a/docs/src/api/class-browsercontext.md b/docs/src/api/class-browsercontext.md index 39ce7f19ca..851f0b9e4d 100644 --- a/docs/src/api/class-browsercontext.md +++ b/docs/src/api/class-browsercontext.md @@ -624,7 +624,7 @@ If the [`param: callback`] returns a [Promise], it will be awaited. See [`method: Page.exposeFunction`] for page-only version. -An example of adding an `md5` function to all pages in the context: +An example of adding a `sha256` function to all pages in the context: ```js const { webkit } = require('playwright'); // Or 'chromium' or 'firefox'. @@ -633,12 +633,12 @@ const crypto = require('crypto'); (async () => { const browser = await webkit.launch({ headless: false }); const context = await browser.newContext(); - await context.exposeFunction('md5', text => crypto.createHash('md5').update(text).digest('hex')); + await context.exposeFunction('sha256', text => crypto.createHash('sha256').update(text).digest('hex')); const page = await context.newPage(); await page.setContent(` @@ -661,11 +661,11 @@ public class Example { try (Playwright playwright = Playwright.create()) { BrowserType webkit = playwright.webkit() Browser browser = webkit.launch(new BrowserType.LaunchOptions().setHeadless(false)); - context.exposeFunction("sha1", args -> { + context.exposeFunction("sha256", args -> { String text = (String) args[0]; MessageDigest crypto; try { - crypto = MessageDigest.getInstance("SHA-1"); + crypto = MessageDigest.getInstance("SHA-256"); } catch (NoSuchAlgorithmException e) { return null; } @@ -675,7 +675,7 @@ public class Example { Page page = context.newPage(); page.setContent("\n" + "\n" + @@ -691,8 +691,8 @@ import asyncio import hashlib from playwright.async_api import async_playwright -async def sha1(text): - m = hashlib.sha1() +def sha256(text): + m = hashlib.sha256() m.update(bytes(text, "utf8")) return m.hexdigest() @@ -701,12 +701,12 @@ async def run(playwright): webkit = playwright.webkit browser = await webkit.launch(headless=False) context = await browser.new_context() - await context.expose_function("sha1", sha1) + await context.expose_function("sha256", sha256) page = await context.new_page() await page.set_content(""" @@ -724,8 +724,8 @@ asyncio.run(main()) import hashlib from playwright.sync_api import sync_playwright -def sha1(text): - m = hashlib.sha1() +def sha256(text): + m = hashlib.sha256() m.update(bytes(text, "utf8")) return m.hexdigest() @@ -734,13 +734,12 @@ def run(playwright): webkit = playwright.webkit browser = webkit.launch(headless=False) context = browser.new_context() - context.expose_function("sha1", sha1) + context.expose_function("sha256", sha256) page = context.new_page() - page.expose_function("sha1", sha1) page.set_content(""" @@ -760,24 +759,22 @@ using System.Threading.Tasks; class BrowserContextExamples { - public static async Task AddMd5FunctionToAllPagesInContext() + public static async Task Main() { using var playwright = await Playwright.CreateAsync(); var browser = await playwright.Webkit.LaunchAsync(new BrowserTypeLaunchOptions { Headless = false }); var context = await browser.NewContextAsync(); - // NOTE: md5 is inherently insecure, and we strongly discourage using - // this in production in any shape or form - await context.ExposeFunctionAsync("sha1", (string input) => + await context.ExposeFunctionAsync("sha256", (string input) => { return Convert.ToBase64String( - MD5.Create().ComputeHash(System.Text.Encoding.UTF8.GetBytes(input))); + SHA256.Create().ComputeHash(System.Text.Encoding.UTF8.GetBytes(input))); }); var page = await context.NewPageAsync(); await page.SetContentAsync("\n" + "\n" + diff --git a/docs/src/api/class-page.md b/docs/src/api/class-page.md index 9f40de29ec..182bd7d14f 100644 --- a/docs/src/api/class-page.md +++ b/docs/src/api/class-page.md @@ -1550,7 +1550,7 @@ See [`method: BrowserContext.exposeFunction`] for context-wide exposed function. Functions installed via [`method: Page.exposeFunction`] survive navigations. ::: -An example of adding an `sha1` function to the page: +An example of adding a `sha256` function to the page: ```js const { webkit } = require('playwright'); // Or 'chromium' or 'firefox'. @@ -1559,11 +1559,11 @@ const crypto = require('crypto'); (async () => { const browser = await webkit.launch({ headless: false }); const page = await browser.newPage(); - await page.exposeFunction('sha1', text => crypto.createHash('sha1').update(text).digest('hex')); + await page.exposeFunction('sha256', text => crypto.createHash('sha256').update(text).digest('hex')); await page.setContent(` @@ -1587,11 +1587,11 @@ public class Example { BrowserType webkit = playwright.webkit(); Browser browser = webkit.launch({ headless: false }); Page page = browser.newPage(); - page.exposeFunction("sha1", args -> { + page.exposeFunction("sha256", args -> { String text = (String) args[0]; MessageDigest crypto; try { - crypto = MessageDigest.getInstance("SHA-1"); + crypto = MessageDigest.getInstance("SHA-256"); } catch (NoSuchAlgorithmException e) { return null; } @@ -1600,7 +1600,7 @@ public class Example { }); page.setContent("\n" + "\n" + @@ -1616,8 +1616,8 @@ import asyncio import hashlib from playwright.async_api import async_playwright -async def sha1(text): - m = hashlib.sha1() +def sha256(text): + m = hashlib.sha256() m.update(bytes(text, "utf8")) return m.hexdigest() @@ -1626,11 +1626,11 @@ async def run(playwright): webkit = playwright.webkit browser = await webkit.launch(headless=False) page = await browser.new_page() - await page.expose_function("sha1", sha1) + await page.expose_function("sha256", sha256) await page.set_content(""" @@ -1648,8 +1648,8 @@ asyncio.run(main()) import hashlib from playwright.sync_api import sync_playwright -def sha1(text): - m = hashlib.sha1() +def sha256(text): + m = hashlib.sha256() m.update(bytes(text, "utf8")) return m.hexdigest() @@ -1658,11 +1658,11 @@ def run(playwright): webkit = playwright.webkit browser = webkit.launch(headless=False) page = browser.new_page() - page.expose_function("sha1", sha1) + page.expose_function("sha256", sha256) page.set_content(""" @@ -1691,17 +1691,15 @@ class PageExamples }); var page = await browser.NewPageAsync(); - // NOTE: md5 is inherently insecure, and we strongly discourage using - // this in production in any shape or form - await page.ExposeFunctionAsync("sha1", (string input) => + await page.ExposeFunctionAsync("sha256", (string input) => { return Convert.ToBase64String( - MD5.Create().ComputeHash(System.Text.Encoding.UTF8.GetBytes(input))); + SHA256.Create().ComputeHash(System.Text.Encoding.UTF8.GetBytes(input))); }); await page.SetContentAsync("\n" + "\n" + diff --git a/types/types.d.ts b/types/types.d.ts index 32aa8871f6..1f2759f5af 100644 --- a/types/types.d.ts +++ b/types/types.d.ts @@ -1711,7 +1711,7 @@ export interface Page { * [page.exposeFunction(name, callback)](https://playwright.dev/docs/api/class-page#pageexposefunctionname-callback) * survive navigations. * - * An example of adding an `sha1` function to the page: + * An example of adding a `sha256` function to the page: * * ```js * const { webkit } = require('playwright'); // Or 'chromium' or 'firefox'. @@ -1720,11 +1720,11 @@ export interface Page { * (async () => { * const browser = await webkit.launch({ headless: false }); * const page = await browser.newPage(); - * await page.exposeFunction('sha1', text => crypto.createHash('sha1').update(text).digest('hex')); + * await page.exposeFunction('sha256', text => crypto.createHash('sha256').update(text).digest('hex')); * await page.setContent(` * * @@ -5330,7 +5330,7 @@ export interface BrowserContext { * See [page.exposeFunction(name, callback)](https://playwright.dev/docs/api/class-page#pageexposefunctionname-callback) * for page-only version. * - * An example of adding an `md5` function to all pages in the context: + * An example of adding a `sha256` function to all pages in the context: * * ```js * const { webkit } = require('playwright'); // Or 'chromium' or 'firefox'. @@ -5339,12 +5339,12 @@ export interface BrowserContext { * (async () => { * const browser = await webkit.launch({ headless: false }); * const context = await browser.newContext(); - * await context.exposeFunction('md5', text => crypto.createHash('md5').update(text).digest('hex')); + * await context.exposeFunction('sha256', text => crypto.createHash('sha256').update(text).digest('hex')); * const page = await context.newPage(); * await page.setContent(` * *