From e4bcf3fabd748fbb9e355ca9b06e9a92f9caacf1 Mon Sep 17 00:00:00 2001
From: Andrew Clark <git@andrewclark.io>
Date: Tue, 5 Nov 2024 14:23:56 -0500
Subject: [PATCH] Use crypto module to generate prefetch token

These tokens don't need to be cryptographically secure (yet) but
eventually they will be so might as well use an actual hash function
to generate them.
---
 .../next/src/server/app-render/collect-segment-data.tsx   | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/packages/next/src/server/app-render/collect-segment-data.tsx b/packages/next/src/server/app-render/collect-segment-data.tsx
index 4b9897ef4fc17..3a6b9e7941874 100644
--- a/packages/next/src/server/app-render/collect-segment-data.tsx
+++ b/packages/next/src/server/app-render/collect-segment-data.tsx
@@ -11,6 +11,7 @@ import { createFromReadableStream } from 'react-server-dom-webpack/client.edge'
 // eslint-disable-next-line import/no-extraneous-dependencies
 import { renderToReadableStream } from 'react-server-dom-webpack/server.edge'
 
+import { createHash } from 'crypto'
 import {
   streamFromBuffer,
   streamToBuffer,
@@ -432,7 +433,8 @@ function createSegmentAccessToken(
   // performing dynamic navigations, to support auth checks in a layout that
   // conditionally renders its slots. At that point we'll need to create an
   // actual cryptographic hash with a salt.
-  return Buffer.from(parentSegmentPathStr + parallelRouteKey, 'utf-8')
-    .toString('hex')
-    .slice(0, 7)
+  return createHash('sha1')
+    .update(parentSegmentPathStr)
+    .update(parallelRouteKey)
+    .digest('hex')
 }