Contrib.social

Improve the checksum creation / validation

Open on Drupal.org →
Created on 23 May 2025, 20 days ago

Problem/Motivation

Currently, we generate the hash using the plugin route and the secret. I talked internally @anybody, that this would suffice for our current use-case, but might be a bit dangerous in other cases.

The problem is, that a widget provider can have dynamic required and optionalParameters and we can't generate a checksum for every possibility. E.g. "nid" is a required parameter. If we want to use the required parameters in our checksum, we would need to generate a hash for every nid there is, and compare the incoming checksum with all of them. This isn't really a good idea and would scale even more, if we had multiple parameters...

So we could:

  • Leave it as is
  • Add further static "checksumParameters" which specifies specific parameters that are also required, static and need to be part of the checksum
  • Think about something else to boost the security (e.g. some sort of timestamp / time window?)

We should also think about the Sequence of the parameters. We currently always need them in the specific sequence given by the list. Otherwise, it fails.

Steps to reproduce

Proposed resolution

Improve the checksum creation / validation.

Remaining tasks

User interface changes

API changes

Data model changes

📌 Task
Status

Active

Version

1.0

Component

Code

Created by

🇩🇪Germany Grevil

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024