Security Bug: Non-Crypto Random in Token Fallback
File: src/web/client/GatewayBrowserClient.ts lines 230-237
Issue: Math.random() is used as a fallback for token generation, which makes the tokens predictable.
Recommended Fix: Use crypto.getRandomValues() or crypto.randomUUID():
const token = crypto.getRandomValues(new Uint8Array(32));
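A fuller version of the recommended fix, as an added example (not code from GatewayBrowserClient.ts): the token comes only from crypto.getRandomValues(), and when no CSPRNG is present the function throws instead of falling back to Math.random(). The names generateToken, toHex, TOKEN_BYTES and the cryptoImpl parameter are assumptions made for illustration.

```javascript
// Added example: fail closed when no CSPRNG exists, never fall back to Math.random().
// generateToken, toHex, TOKEN_BYTES and cryptoImpl are hypothetical names,
// not taken from GatewayBrowserClient.ts.

const TOKEN_BYTES = 32; // 256 bits, matching Uint8Array(32) in the recommended fix

// Encode bytes as lowercase hex so the token is safe to put in headers or URLs.
function toHex(bytes) {
  return Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
}

// cryptoImpl defaults to the Web Crypto object; it is a parameter only so the
// function can be exercised without depending on the host environment.
function generateToken(cryptoImpl = globalThis.crypto) {
  if (!cryptoImpl || typeof cryptoImpl.getRandomValues !== "function") {
    // A predictable token is worse than no token: refuse instead of degrading.
    throw new Error("No CSPRNG available; refusing to generate a token");
  }
  const bytes = new Uint8Array(TOKEN_BYTES);
  cryptoImpl.getRandomValues(bytes); // fills the array in place
  return toHex(bytes);
}
```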