From 04c9868e00f94aee0583f9aee7f4573b905f2e16 Mon Sep 17 00:00:00 2001
From: skjnldsv <skjnldsv@protonmail.com>
Date: Sat, 21 Jun 2025 10:08:08 +0200
Subject: fix(files_sharing): fallback self.crypto.getRandomValues

Signed-off-by: skjnldsv <skjnldsv@protonmail.com>
---
 apps/files_sharing/src/utils/GeneratePassword.ts | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

(limited to 'apps/files_sharing/src')

diff --git a/apps/files_sharing/src/utils/GeneratePassword.ts b/apps/files_sharing/src/utils/GeneratePassword.ts
index 2f3f65c51d8..82efaaa69d4 100644
--- a/apps/files_sharing/src/utils/GeneratePassword.ts
+++ b/apps/files_sharing/src/utils/GeneratePassword.ts
@@ -38,10 +38,29 @@ export default async function(verbose = false): Promise<string> {
 
 	const array = new Uint8Array(10)
 	const ratio = passwordSet.length / 255
-	self.crypto.getRandomValues(array)
+	getRandomValues(array)
 	let password = ''
 	for (let i = 0; i < array.length; i++) {
 		password += passwordSet.charAt(array[i] * ratio)
 	}
 	return password
 }
+
+/**
+ * Fills the given array with cryptographically secure random values.
+ * If the crypto API is not available, it falls back to less secure Math.random().
+ * Crypto API is available in modern browsers on secure contexts (HTTPS).
+ *
+ * @param {Uint8Array} array - The array to fill with random values.
+ */
+function getRandomValues(array: Uint8Array): void {
+	if (self?.crypto?.getRandomValues) {
+		self.crypto.getRandomValues(array)
+		return
+	}
+
+	let len = array.length
+	while (len--) {
+		array[len] = Math.floor(Math.random() * 256)
+	}
+}
-- 
cgit v1.2.3