Project

General

Profile

Actions

Patch #40652

closed

Replace MD5 with SHA256 when creating the hash for gravatar URL

Added by Marius BĂLTEANU 8 months ago. Updated 8 months ago.

Status:
Closed
Priority:
Normal
Category:
Code cleanup/refactoring
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:

Description

https://docs.gravatar.com/avatars/hash/

This is extracted from #35217.

diff --git a/lib/plugins/gravatar/lib/gravatar.rb b/lib/plugins/gravatar/lib/gravatar.rb
index ea4a37cb5..4dc27db52 100644
--- a/lib/plugins/gravatar/lib/gravatar.rb
+++ b/lib/plugins/gravatar/lib/gravatar.rb
@@ -1,6 +1,5 @@
 # frozen_string_literal: true

-require 'digest/md5'
 require 'cgi'

 module GravatarHelper
@@ -65,7 +64,7 @@ module GravatarHelper

     # Return the gravatar URL for the given email address.
     def gravatar_url(email, options={})
-      email_hash = Digest::MD5.hexdigest(email)
+      email_hash = Digest::SHA256.hexdigest(email)
       options = DEFAULT_OPTIONS.merge(options)
       options[:default] = CGI::escape(options[:default]) unless options[:default].nil?
       gravatar_api_url(email_hash).tap do |url|

Files


Related issues

Related to Redmine - Patch #35217: Replace use of Digest::MD5 / Digest::SHA1 with ActiveSupport::DigestClosedMarius BĂLTEANU

Actions
Actions #2

Updated by Marius BĂLTEANU 8 months ago

  • Related to Patch #35217: Replace use of Digest::MD5 / Digest::SHA1 with ActiveSupport::Digest added
Actions #3

Updated by Marius BĂLTEANU 8 months ago

  • Status changed from New to Closed
Actions #4

Updated by Marius BĂLTEANU 8 months ago

  • Subject changed from Replace md5 with SHA256 when creating the hash for gravatar URL to Replace MD5 with SHA256 when creating the hash for gravatar URL
Actions

Also available in: Atom PDF