fixup! fix(common): use cryptographically secure SHA-256 for transfer cache key generation

alan-agius4 · alan-agius4 · commit 522fdb7df31d · 2026-06-04T15:05:52.000Z
diff --git a/packages/common/http/src/transfer_cache.ts b/packages/common/http/src/transfer_cache.ts
@@ -552,9 +552,15 @@ let textEncoder: TextEncoder | undefined;
 /**
  * Generates a SHA-256 hash representation of a string.
  *
- * Note: A custom synchronous SHA-256 implementation is used here because the
- * Web Crypto API (`crypto.subtle.digest`) is strictly asynchronous (Promise-based),
- * whereas the transfer cache state lookup and interceptor flow must operate synchronously due to the HttpResource API.
+ * Note: A custom synchronous SHA-256 implementation is used here because the Web Crypto API
+ * (`crypto.subtle.digest`) is strictly asynchronous (Promise-based), whereas the transfer cache
+ * state lookup and interceptor flow must operate synchronously due to the HttpResource API.
+ *
+ * The previous DJB2 hashing logic was vulnerable to pre-image and second-preimage attacks due to
+ * its small 64-bit keyspace and mathematical simplicity. An attacker could craft colliding request
+ * inputs to poison the cache, potentially causing a CDN or the application to serve the wrong
+ * cached response to legitimate users. SHA-256 provides strong cryptographic collision resistance,
+ * preventing cache key collision attacks.
  */
 export function generateHash(value: string): string {
   textEncoder ??= new TextEncoder();
