mirror of
https://github.com/microsoft/vscode.git
synced 2025-12-19 17:58:39 +00:00
8ef6961789
Works quite similarly to vscode.dev. The client has a key stored in secret storage. The server has a key stored server-side, and issues an http-only cookie to the client. The client can ask the server to combine its key and the http-only cookie key to a key component, which it combines with its local key to encrypt and decrypt data. This logic kicks in if the web server bits see a `vscode-secret-key-path` cookie set when it loads.