(couchdb-fauxton) branch main updated: fix: crypto.randomUUID() not available in insecure envs (#1527)

[amaranhao]

This is an automated email from the ASF dual-hosted git repository.

Antonio-Maranhao pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/couchdb-fauxton.git


The following commit(s) were added to refs/heads/main by this push:
     new 6a9f4e00 fix: crypto.randomUUID() not available in insecure envs 
(#1527)
6a9f4e00 is described below

commit 6a9f4e00e27b51ace3d7bfff022c07da4cd8f356
Author: Antonio Maranhao <30349380+antonio-maran...@users.noreply.github.com>
AuthorDate: Mon Apr 27 10:43:51 2026 -0400

    fix: crypto.randomUUID() not available in insecure envs (#1527)
    
    Add an alternative implementation for when crypto.randomUUID() is not
    available in the environment. This can happen because crypto.randomUUID()
    is only available in the browser under a secure context (HTTPS or 
localhost),
    so if Fauxton is accessed via HTTP the function won't exist and cause the 
app to fail.
---
 app/core/__tests__/api.test.js | 10 ++++++++++
 app/core/api.js                | 16 +++++++++++++++-
 2 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/app/core/__tests__/api.test.js b/app/core/__tests__/api.test.js
index ca6e3adf..7073e9f3 100644
--- a/app/core/__tests__/api.test.js
+++ b/app/core/__tests__/api.test.js
@@ -42,3 +42,13 @@ describe('URLs', () => {
   });
 
 });
+
+describe('generateUUID', () => {
+
+  it('returns a valid UUID', () => {
+    const uuid = FauxtonAPI.uuid();
+    expect(uuid).toHaveLength(36);
+    const uuid2 = FauxtonAPI.uuid();
+    expect(uuid).not.toBe(uuid2);
+  });
+});
diff --git a/app/core/api.js b/app/core/api.js
index ec1bb6f8..5a9bb9d1 100644
--- a/app/core/api.js
+++ b/app/core/api.js
@@ -122,7 +122,21 @@ FauxtonAPI.getIndexTypePropNames = function () {
 
 // Generate a v4 UUID
 FauxtonAPI.uuid = function () {
-  return crypto.randomUUID();
+  if (crypto && crypto.randomUUID && typeof crypto.randomUUID === 'function') {
+    return crypto.randomUUID();
+  }
+  return generateUUID();
+
 };
 
+// Generates a random UUID with the same format as crypto.randomUUID().
+// Only meant as an alternative for environments where crypto.randomUUID() is 
not available.
+function generateUUID() {
+  return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, function(c) {
+    const r = Math.random() * 16 | 0;
+    const v = c === 'x' ? r : (r & 0x3 | 0x8);
+    return v.toString(16);
+  });
+}
+
 export default FauxtonAPI;