fix(default-config): sometimes browsers don't send Upgrade-Insecure-Requests

Signed-off-by: Xe Iaso <me@xeiaso.net>

docs/docs/CHANGELOG.md

@@ -22,7 +22,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Document missing environment variables in installation guide: `SLOG_LEVEL`, `COOKIE_PREFIX`, `FORCED_LANGUAGE`, and `TARGET_DISABLE_KEEPALIVE` ([#1086](https://github.com/TecharoHQ/anubis/pull/1086)).
 - Add validation warning when persistent storage is used without setting signing keys.
 - Fixed `robots2policy` to properly group consecutive user agents into `any:` instead of only processing the last one ([#925](https://github.com/TecharoHQ/anubis/pull/925)).
-- Make the `fast` algorithm prefer purejs when running in an insecure context.
 - Add the [`s3api` storage backend](./admin/policies.mdx#s3api) to allow Anubis to use S3 API compatible object storage as its storage backend.
 - Fix a "stutter" in the cookie name prefix so the auth cookie is named `techaro.lol-anubis-auth` instead of `techaro.lol-anubis-auth-auth`.
 - Make `cmd/containerbuild` support commas for separating elements of the `--docker-tags` argument as well as newlines.

web/js/algorithms/fast.ts

@@ -18,12 +18,7 @@ export default function process(
 ): Promise<string> {
   console.debug("fast algo");
 
-  // Choose worker based on secure context.
-  // Use the WebCrypto worker if the page is a secure context; otherwise fall back to pure‑JS.
-  let workerMethod: "webcrypto" | "purejs" = "purejs";
-  if (window.isSecureContext) {
-    workerMethod = "webcrypto";
-  }
+  let workerMethod = window.crypto !== undefined ? "webcrypto" : "purejs";
 
   if (navigator.userAgent.includes("Firefox") || navigator.userAgent.includes("Goanna")) {
     console.log("Firefox detected, using pure-JS fallback");
@@ -87,4 +82,4 @@ export default function process(
       workers.push(worker);
     }
   });
-}
+}