mirror of
https://github.com/alanorth/hugo-theme-bootstrap4-blog.git
synced 2024-12-18 16:42:21 +01:00
Add tooling to generate SRI hashes for assets
Subresource integrity allows user agents to verify that a fetched resource has been delivered without unexpected manipulation[0]. I put theme assets in a json configuration file and save the hashes to a TOML file that Hugo loads via its theme data mechanism[1]. [0] https://www.w3.org/TR/SRI/ [1] https://gohugo.io/extras/datafiles/
This commit is contained in:
parent
c2d9b1ad74
commit
683755f95d
5
build/assets.json
Normal file
5
build/assets.json
Normal file
@ -0,0 +1,5 @@
|
||||
{
|
||||
"style": "static/css/style.css",
|
||||
"cookieconsentcss": "static/css/cookieconsent.min.css",
|
||||
"cookieconsentjs": "static/js/cookieconsent.min.js"
|
||||
}
|
23
build/sri.js
Normal file
23
build/sri.js
Normal file
@ -0,0 +1,23 @@
|
||||
// Adapted from: https://gist.github.com/jmervine/ae1bace0fe37dce75b90ec3e9592771c
|
||||
|
||||
var crypto = require('crypto');
|
||||
var fs = require('fs');
|
||||
var assets = require('./assets.json');
|
||||
|
||||
var generate384 = function (file) {
|
||||
var enc = 'utf8';
|
||||
var body = fs.readFileSync(file, { encoding: enc });
|
||||
var hash = crypto.createHash('sha384').update(body, enc);
|
||||
var sha = hash.digest('base64');
|
||||
|
||||
return 'sha384-' + sha;
|
||||
}
|
||||
|
||||
for (var asset in assets) {
|
||||
var path = assets[asset];
|
||||
var hash = generate384(path);
|
||||
|
||||
console.log(asset + ' = "' + hash + '"');
|
||||
}
|
||||
|
||||
// vim: set ts=2 sw=2 et:
|
@ -10,7 +10,8 @@
|
||||
"build:css": "node-sass --output-style expanded --precision 6 source/scss/style.scss static/css/style.css.tmp && cleancss --skip-advanced static/css/style.css.tmp -o static/css/style.css",
|
||||
"build:fonts": "cp node_modules/font-awesome/fonts/* static/fonts",
|
||||
"build:cookieconsent": "cp node_modules/cookieconsent/build/cookieconsent.min.css static/css && cp node_modules/cookieconsent/build/cookieconsent.min.js static/js",
|
||||
"build": "npm run build:css && npm run build:fonts && npm run build:cookieconsent && npm run clean",
|
||||
"build:generatesri": "node build/sri.js > data/sri.toml",
|
||||
"build": "npm run build:css && npm run build:fonts && npm run build:cookieconsent && npm run build:generatesri && npm run clean",
|
||||
"clean": "rm static/css/style.css.tmp"
|
||||
},
|
||||
"keywords": "hugo",
|
||||
|
Loading…
Reference in New Issue
Block a user