Possible javascript digest fallbacks for insecure (HTTP) sites

[andrewheadricke]

I am using js-ipld-dag-cbor which references this package. I would like to be able to calculate hashes even on insecure (HTTP) websites.

When js-multihashing-async tries to access window.crypto.subtle it throws on error in Brave, but works fine in Firefox. Chrome on Android also throws an error.

Is it possible to fallback on a browser implementation to avoid the HTTPS requirement?

Other issue: ipld/js-ipld-dag-cbor#114

[andrewheadricke]

Is it possible to add a "compile time" switch which includes a JS hash implementation into the bundle, or perhaps even easier is to add an API to redirect a particular hash algorithm to a external library?

[mikeal]

The “compile time” switch would need to be some some kind of configuration in which the developer imports a pure-JS module and passed it into js-multihashing-async. There’s no way to selectively include something in the bundle based on the browser env because bundles are created before they are ever run in a browser env.

[andrewheadricke]

Yeah, thats what I meant. When compiling js-multihashing-async I would like to include a pureJS hashing module. So the bundle will be larger.