Release 2.0.14

get rid of security checks, i don't like the idea much
cyan-2048 · Dec 23, 2022 · a4a5cc2 · a4a5cc2
1 parent 72b64c9
commit a4a5cc2
Show file tree

Hide file tree

Showing 5 changed files with 3 additions and 53 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -47,7 +47,6 @@ jobs:
             dist/omnisd.zip
             dist/application.zip
             dist/manifest.webapp
-            dist/security.json
       - name: discord webhook
         env:
           DISCORD_WEBHOOK_URL: ${{ secrets.DISCORD_WEBHOOK_URL }}

diff --git a/scripts/esbuild.mjs b/scripts/esbuild.mjs
@@ -85,29 +85,12 @@ const options = {
   external: ["*.png", "*.ttf", "*.svg"],
 };
 
-import crypto from "crypto";
-
-async function getFile(path) {
-	const file = await fs.readFile(path);
-	return digest(file.buffer);
-}
-
-async function digest(buffer) {
-	const hashBuffer = await crypto.webcrypto.subtle.digest("SHA-256", buffer); // hash the message
-	const hashArray = Array.from(new Uint8Array(hashBuffer)); // convert buffer to byte array
-	const hashHex = hashArray.map((b) => b.toString(16).padStart(2, "0")).join(""); // convert bytes to hex string
-	return hashHex;
-}
-
 try {
 	await esbuild.build(options);
 	const regexp = /for((\s?)*)\(((\s?)*)const/g;
 	const text = await fs.readFile(outfile, "utf8");
 	// on KaiOS aka Firefox48, for(const is broken
 	await fs.writeFile(outfile, text.replace(regexp, "for(let "));
-
-	const [main_page, bundle] = await Promise.all([getFile("./dist/index.html"), getFile("./dist/build/bundle.js")]);
-	await fs.writeFile("./dist/security.json", JSON.stringify({ main_page, bundle }));
 } catch (err) {
 	console.error(err);
 	process.exit(1);

diff --git a/src/lib/DiscordXHR.ts b/src/lib/DiscordXHR.ts
@@ -71,7 +71,8 @@ function _query(obj = {}) {
 		.join("&");
 }
 
-// make storing tokens more secure
+// make storing tokens somehow more secure
+// erm useless because localStorage.token duh
 const tokens = new WeakMap();
 
 export default class DiscordXHR {

diff --git a/src/lib/security.js b/src/lib/security.js
diff --git a/src/main.js b/src/main.js
@@ -5,10 +5,8 @@ import manifest from "./assets/manifest.json";
 import App from "./App.svelte";
 import scrollBy from "./lib/scrollBy";
 import { navigate } from "svelte-routing";
-import { self, settings } from "./lib/shared";
+import { self } from "./lib/shared";
 import * as helper from "./lib/helper";
-import { checkSecurity } from "./lib/security";
-import { localStorage } from "./lib/database";
 
 //polyfill
 scrollBy();
@@ -17,17 +15,6 @@ navigate("/", { replace: true });
 document.documentElement.lang = navigator.language;
 
 async function init() {
-	if (PRODUCTION && typeof SECURITY_CHECK == "object") {
-		await settings.init;
-		try {
-			await checkSecurity(SECURITY_CHECK);
-		} catch (e) {
-			console.error(e);
-
-			alert("security check failed! for your safety, the token is not revoked.");
-		}
-	}
-
 	new App({
 		target: document.body,
 	});