1
0
mirror of https://github.com/alanorth/hugo-theme-bootstrap4-blog.git synced 2024-12-19 00:52:19 +01:00

Start using SRI hashes for CSS/JS assets

Uses Hugo's site data mechanism to load pre-generated asset hashes.
This commit is contained in:
Alan Orth 2017-01-11 10:42:49 +02:00
parent 683755f95d
commit 0e381ab120
Signed by: alanorth
GPG Key ID: 0FB860CC9C45B1B9
3 changed files with 6 additions and 3 deletions

3
data/sri.toml Normal file
View File

@ -0,0 +1,3 @@
style = "sha384-qRVpIj9hSzsBhmO8Y7YEKF2UFra2sJQtl9V/uFKKDvy+Wjh9zgTku6VRgT8YdPoD"
cookieconsentcss = "sha384-6iYDyQZuuNT7DcPJGXx241czdv2+GDGUcXRiqw1iXrjgYMTorSetxFP3JCMQMwnR"
cookieconsentjs = "sha384-PDjg2ZdS3khPzd53i18+7tzB32JVQfFMrTXYo21RqPgUmEVAPwIhxOUF/8sP79CS"

View File

@ -9,7 +9,7 @@
<title>{{ block "title" . }}{{ .Site.Title }}{{ end }}</title>
{{ "<!-- combined, minified CSS -->" | safeHTML }}
<link href="{{ .Site.BaseURL }}css/style.css" rel="stylesheet">
<link href="{{ .Site.BaseURL }}css/style.css" rel="stylesheet" integrity="{{ .Site.Data.sri.style}}" crossorigin="anonymous">
{{ if .RSSLink }}
{{ "<!-- RSS 2.0 feed -->" | safeHTML }}

View File

@ -1,5 +1,5 @@
<link href="{{ .Site.BaseURL }}css/cookieconsent.min.css" rel="stylesheet" type="text/css">
<script src="{{ .Site.BaseURL }}js/cookieconsent.min.js" async></script>
<link href="{{ .Site.BaseURL }}css/cookieconsent.min.css" rel="stylesheet" type="text/css" integrity="{{ .Site.Data.sri.cookieconsentcss }}" crossorigin="anonymous">
<script src="{{ .Site.BaseURL }}js/cookieconsent.min.js" integrity="{{ .Site.Data.sri.cookieconsentjs }}" crossorigin="anonymous" async></script>
<script>
window.addEventListener("load", function(){