From 0935f2d23aebccf3bb1bdd7974189dde4c8fc2bc Mon Sep 17 00:00:00 2001
From: Eric Eastwood <contact@ericeastwood.com>
Date: Fri, 25 Feb 2022 01:59:48 -0600
Subject: [PATCH 1/2] Only try to use window.crypto.subtle in secure contexts
 to avoid it throwing and stopping all JavaScript

Relevant error if you crypto is used in a non-secure context like a local LAN IP `http://192.168.1.151:3050/`
```
Uncaught (in promise) TypeError: Cannot read properties of undefined (reading 'deriveBits')
	at new Crypto
	at new Platform
	at mountHydrogen
```

For my use-case with https://github.com/matrix-org/matrix-public-archive, I don't need crypto/encryption at all.

Docs:

 - https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts
 - https://developer.mozilla.org/en-US/docs/Web/API/Crypto/subtle
    - "Secure context: This feature is available only in secure contexts (HTTPS), in some or all supporting browsers."

---

Related to https://github.com/vector-im/hydrogen-web/issues/579
---
 src/platform/web/Platform.js | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/platform/web/Platform.js b/src/platform/web/Platform.js
index 9de3d4ce89..b6fdfae550 100644
--- a/src/platform/web/Platform.js
+++ b/src/platform/web/Platform.js
@@ -143,7 +143,10 @@ export class Platform {
             this._serviceWorkerHandler.registerAndStart(assetPaths.serviceWorker);
         }
         this.notificationService = new NotificationService(this._serviceWorkerHandler, config.push);
-        this.crypto = new Crypto(cryptoExtras);
+        // `window.crypto.subtle` is only available in a secure context
+        if(window.isSecureContext) {
+            this.crypto = new Crypto(cryptoExtras);
+        }
         this.storageFactory = new StorageFactory(this._serviceWorkerHandler);
         this.sessionInfoStorage = new SessionInfoStorage("hydrogen_sessions_v1");
         this.estimateStorageUsage = estimateStorageUsage;

From 2f4c639cef3246386cf9e739ffbd1039184f5678 Mon Sep 17 00:00:00 2001
From: Eric Eastwood <contact@ericeastwood.com>
Date: Wed, 2 Mar 2022 03:17:59 -0600
Subject: [PATCH 2/2] Only initialize Crypto when olm is provided

See https://github.com/vector-im/hydrogen-web/pull/691#discussion_r816988082
---
 src/platform/web/Platform.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/platform/web/Platform.js b/src/platform/web/Platform.js
index b6fdfae550..8c8b4facd3 100644
--- a/src/platform/web/Platform.js
+++ b/src/platform/web/Platform.js
@@ -143,8 +143,8 @@ export class Platform {
             this._serviceWorkerHandler.registerAndStart(assetPaths.serviceWorker);
         }
         this.notificationService = new NotificationService(this._serviceWorkerHandler, config.push);
-        // `window.crypto.subtle` is only available in a secure context
-        if(window.isSecureContext) {
+        // Only try to use crypto when olm is provided
+        if(this._assetPaths.olm) {
             this.crypto = new Crypto(cryptoExtras);
         }
         this.storageFactory = new StorageFactory(this._serviceWorkerHandler);