Security hardening: remove global leaks, enforce crypto, cleanup logs

Browse Source

- Removed unsafe exposure of internal objects:
      • deleted all references to `window.fileTransferSystem`
      • unified global API setup to a single immutable `safeGlobalAPI` via Object.freeze
      • removed legacy branch with `delete window[name]`

    - Logging improvements:
      • eliminated all direct `console.*` calls (use `_secureLog` exclusively)
      • fixed string templates with proper interpolation (``${var}``)
      • prevented accidental fallback to raw console in production

    - Cryptography enforcement:
      • updated `_validateCryptographicSecurity()` to require ECDSA and PFS
      • added emergency shutdown if critical crypto features are missing
      • ensured consistent feature enabling for production

...

This commit is contained in:

lockbitchat

2025-08-28 18:53:16 -04:00

parent a265209ff6

commit 551feb21a4

1 changed files with 753 additions and 583 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

1336

src/network/EnhancedSecureWebRTCManager.js

File diff suppressed because it is too large Load Diff