v0.6.0
@mqxym/secure-local-storage Changelog
0.6.0: Hardened Import, Validation, and Error Handling
This release strengthens import/decrypt validation, improves error messages, and aligns password rules for greater consistency and security.
Import
- Enforced strict shape validation for bundles (header/data consistency, salt/rounds semantics, mPw type).
- Clearer error messages for missing master vs. export password requirements.
DeviceKeyProvider
- `deletePersistent` now deletes only the targeted `keyId`.
- Full DB deletion remains only as a fallback, reducing risk of cross-tenant key loss.
Storage
- Extended quota detection to cover more browser variants (`NS_ERROR_DOM_QUOTA_REACHED`, code 1014, and generic quota messages).
PlainObject
- `getData()` now requires decrypted payloads to be true plain objects, rejecting arrays, null-prototype objects, or class instances.
Passwords
- Master password flows reject whitespace-only inputs.
- Consistent validation with export password rules.
Base64
- `bytesToBase64` explicitly handles empty inputs.
- `base64ToBytes` rejects whitespace-only inputs and normalizes embedded whitespace.
Tests
- Added import validation tests for invalid base64, salt/rounds mismatches, and bad mPw types.
- Extended quota handling tests for new detection variants (`NS_ERROR_DOM_QUOTA_REACHED`, message-based).
- Added tampered ciphertext tests to verify `getData()` rejects non-plain object payloads.
- Covered `DeviceKeyProvider` surgical delete path to ensure only targeted keys are removed.
- Added KeyDerivation `importKey` failure tests to validate `CryptoError` wrapping.
- Extended base64 utility tests for empty inputs, whitespace-only, and embedded whitespace.
- Added `rotateMasterPassword` in device mode path tests to confirm correct transition into master mode.
Migration Notes
- Plain object enforcement: `getData()` will now reject arrays, class instances, or null-prototype objects. Ensure your data serialization results in plain objects.
- Password input validation: Whitespace-only passwords will now be rejected. Update UI validation to align with these stricter rules.
- DeviceKeyProvider behavior change: Persistent key deletion now affects only the specified `keyId`. If your workflow depended on full DB resets, update your logic accordingly.
0.5.0: Security Hardening, Configurability, and Improved Error Handling
SecureDataView
- Added deep read-only enforcement to prevent nested object mutation.
- Introduced locked state enforcement after `.clear()` to ensure wiped data cannot be accessed.
Error Handling
- Separated validation errors from crypto errors in decryption and unwrap flows.
- Added clearer messages for base64 parsing and JSON validation.
- Improved handling of storage quota errors across browsers (`QuotaExceededError`, `NS_ERROR_DOM_QUOTA_REACHED`, message-based detection).
Config Validation
- Hardened configuration checks in `initialize()`:
  - Validates coherence of salt/rounds.
  - Ensures base64 fields decode correctly.
  - Validates decrypted payload shape (must be plain object).
DeviceKeyProvider
- Added support for configurable IndexedDB settings (`dbName`, `storeName`, `keyId`).
- Consistent IndexedDB feature detection across methods.
- Isolated in-memory keys per config for multi-tenant scenarios.
Key Derivation
- Added validation for iteration count (iterations must be a positive integer within safe bounds).
Base64
- Added support for base64url variants (`-` and `_`), whitespace trimming, and auto-padding.
- Improved error messages for invalid base64.
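
An added example (not the package's source) of a codec that follows the Base64 rules listed under 0.5.0 and 0.6.0: base64url characters, whitespace normalization, auto-padding, explicit empty-input handling, and rejection of whitespace-only input. Only the names `bytesToBase64` and `base64ToBytes` come from the changelog; the function bodies, error messages, and the choice to decode an empty string to zero bytes are assumptions.

```javascript
// Illustrative sketch: names mirror the changelog, bodies are assumptions.

function bytesToBase64(bytes) {
  // Empty input is handled explicitly instead of relying on btoa("").
  if (bytes.length === 0) return "";
  let binary = "";
  for (const b of bytes) binary += String.fromCharCode(b);
  return btoa(binary);
}

function base64ToBytes(input) {
  if (typeof input !== "string") {
    throw new TypeError("Invalid base64: input must be a string");
  }
  // Whitespace-only input is rejected rather than decoded as "no data".
  // Assumption: a truly empty string is allowed and decodes to zero bytes.
  if (input.length > 0 && input.trim() === "") {
    throw new Error("Invalid base64: whitespace-only input");
  }
  // Drop embedded whitespace, then map base64url characters to standard ones.
  let s = input.replace(/\s+/g, "").replace(/-/g, "+").replace(/_/g, "/");
  // Only alphabet characters, with at most two '=' and only at the end.
  if (!/^[A-Za-z0-9+/]*={0,2}$/.test(s)) {
    throw new Error("Invalid base64: unexpected character or padding");
  }
  s = s.replace(/=+$/, "");
  // A single leftover character can never encode a whole byte.
  if (s.length % 4 === 1) {
    throw new Error("Invalid base64: impossible length");
  }
  // Auto-padding: restore '=' so the length is a multiple of four.
  s += "=".repeat((4 - (s.length % 4)) % 4);
  const binary = atob(s);
  const out = new Uint8Array(binary.length);
  for (let i = 0; i < binary.length; i++) out[i] = binary.charCodeAt(i);
  return out;
}
```
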
API / Usability
- `unlock()` clarified to be a no-op in device mode.
- Added recommended update pattern: `decrypt → copy → update → setData → clear`.
Tests
- Extended coverage for:
  - Deep immutability of `SecureDataView`.
  - Validation vs crypto errors in `EncryptionManager`.
  - `DeviceKeyProvider` with custom `idbConfig`.
  - Quota error variants.
  - Master password and export/import edge cases.
  - Base64 url-safe input and invalid inputs.
Migration Notes
- Recommended update pattern: Adopt the new `getData() → deepCopy → update → setData → clear` workflow for safer state handling.