CSRF tokens cause breakage on build using serverless environments due to incompatible exports of Node Crypto #167
Comments
|
Hey, thanks for reporting this issue. Related to #150 I think, we can replace the existing module with the one you linked. I would just need to test it properly if it works the same way as the original one. |
|
Hey there, I have fixed up the previously mentioned module a little, its available here - I am happy to have a crack at integrating it into this module when I get the chance to :) |
The only problem is that Nuxt 3 currently supports Node.js - v16.10.0 or newer. |
There is partial support for Web Crypto API for Node.JS v15.0.0 - v18.0.0 as mentioned here but it was released fully with Node.JS v19.0.0, I am not sure if this PR works with Node versions < v19.0.0 |
|
Hey folks, For anyone here experiencing the same issue. There is a PR where nuxt-csurf is migrated to support serverless environments but there a beta is used. I will wait until the proper stable version of nuxt-csurf will be released and then merge this PR to not cause issues for users. If you want to make this work, you can always use certain version of the underlying module (the beta version). I messaged the package author to ask when the stable version will be released. |
Version
nuxt-security: v0.13.1
nuxt: v3.6.0
nuxt-csrf: v1.2.0
Reproduction Link
https://github.com/69u/NS-Serverless-Reproduction
Steps to reproduce
What is Expected?
What is actually happening?
Possible Solution?
@zsilbi has created a fork of Nuxt-CSRF supporting serverless environments, potentially create a configuration for these serverless environments and use this forked version of the module instead: https://github.com/zsilbi/nuxt-csurf
The text was updated successfully, but these errors were encountered: