search

oruga-ui / oruga

🐛 Oruga is a lightweight library of UI components without any CSS framework dependency
https://oruga-ui.com
MIT License
1.13k stars 172 forks source link

`crypto.randomUUID()` errors from multiple components #1136

Open srozen opened 6 hours ago

srozen commented 6 hours ago

Overview of the problem

Oruga versions:

Description

Extensive calls to crypto.randomUUID() in multiple components, which for some cannot be avoided as far as I know. This means errors in production for all components that resort to normalizeOptions in packages/oruga/src/composables/useOptions.ts.

Some components like Datepicker or Datetimepicker are using the Select in their template, which in turns make that call.

Steps to reproduce

  1. Use Datetimepicker
  2. Run in an unsafe production context
mlmoravek commented 5 hours ago

Hey, what error is shown ? And what is an unsafe production context?

srozen commented 4 hours ago

Hello!

From the doc here https://developer.mozilla.org/en-US/docs/Web/API/Crypto/randomUUID

This feature is available only in secure contexts (HTTPS), in some or all supporting browsers.

Therefore, any component calling that in a HTTP (no S) context will get the following error : image

I get the idea of the usage of randomUUID to have default keys on component that will expose some collection of data such as Select, Table, etc, but it then breaks in "prod" if you don't have a secure context.