当我在客户端散列密码时,我没有得到散列字符串,而是获取密码本身
Posted
技术标签:
【中文标题】当我在客户端散列密码时,我没有得到散列字符串,而是获取密码本身【英文标题】:when I hash my password on the client side , I am not getting the hashed string instead getting the password itself 【发布时间】:2022-01-06 22:13:28 【问题描述】:我试图在将密码发送到我的服务器(Tomcat 服务器)之前在客户端对我的密码进行哈希处理,当我点击提交时,表单在将密码的值更新为哈希码之前被提交 如何确保我的表单在脚本执行后被提交? 或者有更好的方法吗?
<html>
<head>
<title>TODO supply a title</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width,
initial-scale=1.0">
</head>
<body>
<h1></h1>
<form method="post" onsubmit="encrypt(event);" action="login" >
<input type="text" name="user_id">
<input type="password" name="password" id="pass">
<button id="but1" type="submit">submit</button>
</form>
<script>
function encrypt(event)
// event.preventDefault();//prevents from form getting auto submitted
document.querySelector("body").style.color="red";
sha512(document.getElementById("pass").value).then((x)=>
document.getElementById("pass").value=x;
document.querySelector("h1").innerHTML = x;
);
function sha512(str)
return crypto.subtle.digest("SHA-512", new TextEncoder("utf-
8").encode(str)).then(buf =>
return Array.prototype.map.call(new Uint8Array(buf), x=>
(('00'+x.toString(16)).slice(-2))).join('');
);
sha512("my string for hashing").then(x => console.log(x));
</script>
</body>
</html>
【问题讨论】:
【参考方案1】:完成后提交表单
<form id="form1" method="post" onsubmit="encrypt(event);" action="login" >
<input type="text" name="user_id">
<input type="password" name="password" id="pass">
<button id="but1" type="submit">submit</button>
</form>
function encrypt(event)
event.preventDefault(); //prevents from form getting auto submitted
document.querySelector("body").style.color = "red";
sha512(document.getElementById("pass").value).then((x) =>
document.getElementById("pass").value = x;
document.querySelector("h1").innerHTML = x;
document.getElementById("form1").submit(); // submitting the form
);
【讨论】:
以上是关于当我在客户端散列密码时,我没有得到散列字符串,而是获取密码本身的主要内容,如果未能解决你的问题,请参考以下文章