Expand my Community achievements bar.

SOLVED

ACS AEM Commons Versioned Clientlibs

Avatar

Level 1

Hi All, ACS AEM Commons Versioned ClientLibs uses Sling Rewriter to rewrite the client libraries generated by aem and append a unique MD5 value at the end of the client library URL and later it is cached. It generates a new MD5 value every time a modification to the client library happens and appends the generated MD5 value to the client library url for re-cashing. MD5 cryptographic algorithms are outdated and vulnerable to security. Is there another version of the Versioned ClientLibs or any other implementation that uses SHA2 Family (SHA256, SHA386, and SHA512) instead of MD5?

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Thanks for calling out the security vulnerability. I guess the only option you've is to write you own custom logic to implement the MD5.

View solution in original post

1 Reply

Avatar

Correct answer by
Community Advisor

Thanks for calling out the security vulnerability. I guess the only option you've is to write you own custom logic to implement the MD5.