feat: Share form secret keys across browser tabs using BroadcastChannel #203
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
liangyuanruo
approved these changes
Aug 25, 2020
|
@liangyuanruo Added to pull request :) |
| vm.privateKeyChannel = new BroadcastChannel('formsg_private_key_sharing') | ||
| vm.privateKeyChannel.onmessage = function (e) { | ||
| if (e.data.action === 'broadcastKey') { | ||
| if (vm.encryptionKey === null && vm.myform._id === e.data.formId) { |
There was a problem hiding this comment.
thinking through this bit of logic again - the user needs to already have the 2nd tab open prior to entering the key? so BroadcastChannel on its own wouldn't be able to help with opening a link from the CSV, unless we used LocalStorage?
There was a problem hiding this comment.
No, the user doesn’t. When the 2nd tab loads, it will send a requestKey message (line 70) and any already opened tab should respond with another broadcastKey message.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem
Users have to repeatedly enter their form secret key if they open multiple tabs with the same form. This hinders future bulk downloading of attachments (Issue #16) because there are multiple clicks involved in unlocking a response from a tab.
Solution
We utilize
BroadcastChannelto request and broadcast the form secret key to other tabs.Tests
Security
BroadcastChannelwill only broadcast the message to scripts from the same origin (i.e.https://form.gov.sgin practice) so all data should be controlled by scripts originating from FormSG. This does not store any data in browser-based storage (e.g. cookies or localStorage) so secrets would not be retained past the user closing all FormSG tabs containing the form.We do not use polyfills for
BroadcastChannelas they usually involvelocalStorage, which is not safe for secret key handling.Browser Compatibility
BroadcastChannelis not available on Safari and IE 11, so this feature is not available on those two browsers. Current behavior where users have to upload the secret key on each tab will continue for users on those two browsers.