Increase the number of characters in s3 URLs

We used to use 6. This gives 32^6 possible URLs. As we increase the number of URLs the godbolt.org site stores, the chance of an attacker being able to guess existing URLs has increased. To stay one step ahead, we bump to 9 characetrs here: 32^9 possible is 35 trillion possibilities.
2025-12-27 10:33:59 -05:00 · 2021-03-21 15:03:45 -05:00
parent 7f4c4a9ebf
commit 6fcf5d758f
2 changed files with 12 additions and 12 deletions
--- a/lib/storage/s3.js
+++ b/lib/storage/s3.js
@@ -31,7 +31,7 @@ import { anonymizeIp } from '../utils';

 import { StorageBase } from './base';

-const MIN_STORED_ID_LENGTH = 6;
+const MIN_STORED_ID_LENGTH = 9;

 export class StorageS3 extends StorageBase {
    static get key() { return 's3'; }
--- a/test/storage/storage-s3-tests.js
+++ b/test/storage/storage-s3-tests.js
@@ -70,8 +70,8 @@ describe('Find unique subhash tests', () => {
        return storage.findUniqueSubhash('ABCDEFGHIJKLMNOPQRSTUV').should.eventually.deep.equal(
            {
                alreadyPresent: false,
-                prefix: 'ABCDEF',
-                uniqueSubHash: 'ABCDEF',
+                prefix: 'ABCDEFGHI',
+                uniqueSubHash: 'ABCDEFGHI',
            },
        );
    });
@@ -90,8 +90,8 @@ describe('Find unique subhash tests', () => {
        return storage.findUniqueSubhash('ABCDEFGHIJKLMNOPQRSTUV').should.eventually.deep.equal(
            {
                alreadyPresent: false,
-                prefix: 'ABCDEF',
-                uniqueSubHash: 'ABCDEF',
+                prefix: 'ABCDEFGHI',
+                uniqueSubHash: 'ABCDEFGHI',
            },
        );
    });
@@ -101,8 +101,8 @@ describe('Find unique subhash tests', () => {
            return {
                Items: [
                    {
-                        full_hash: {S: 'ABCDEFZZ'},
-                        unique_subhash: {S: 'ABCDEF'},
+                        full_hash: {S: 'ABCDEFGHIZZ'},
+                        unique_subhash: {S: 'ABCDEFGHI'},
                    },
                ],
            };
@@ -110,8 +110,8 @@ describe('Find unique subhash tests', () => {
        return storage.findUniqueSubhash('ABCDEFGHIJKLMNOPQRSTUV').should.eventually.deep.equal(
            {
                alreadyPresent: false,
-                prefix: 'ABCDEF',
-                uniqueSubHash: 'ABCDEFG',
+                prefix: 'ABCDEFGHI',
+                uniqueSubHash: 'ABCDEFGHIJ',
            },
        );
    });
@@ -122,7 +122,7 @@ describe('Find unique subhash tests', () => {
                Items: [
                    {
                        full_hash: {S: 'ABCDEFGHIJKLMNOPQRSTUV'},
-                        unique_subhash: {S: 'ABCDEF'},
+                        unique_subhash: {S: 'ABCDEFGHI'},
                    },
                ],
            };
@@ -130,8 +130,8 @@ describe('Find unique subhash tests', () => {
        return storage.findUniqueSubhash('ABCDEFGHIJKLMNOPQRSTUV').should.eventually.deep.equal(
            {
                alreadyPresent: true,
-                prefix: 'ABCDEF',
-                uniqueSubHash: 'ABCDEF',
+                prefix: 'ABCDEFGHI',
+                uniqueSubHash: 'ABCDEFGHI',
            },
        );
    });