Infra-Mirrors/PrivateBin
1
0
Fork 0
mirror of https://github.com/PrivateBin/PrivateBin.git synced 2025-07-24 07:20:45 -04:00
Code Issues Projects Releases Packages Wiki Activity

SRI hashes are now configurable, no longer hardcoded in templates

Browse source 
- addresses #1365
- should make upgrades easier for those using custom templates
- if the JS files got customized, the default SRI hashes can be replaced in the conf.php file, added commented section in conf.sample.php
This commit is contained in:
El RIDO 2024-07-07 16:36:52 +02:00
parent 3cba170f32
commit 8b3b16be44
No known key found for this signature in database
GPG key ID: 0F5C940A6BD81F92
10 changed files with 95 additions and 62 deletions
Download patch file Download diff file Expand all files Collapse all files

18
lib/View.php
View file

@ -57,4 +57,22 @@ class View
extract($this->_variables);
include $path;
}
/**
* echo script tag incl. SRI hash for given script file
*
* @access private
* @param string $file
* @param bool $async should it execute ASAP or only after HTML got parsed
*/
private function _scriptTag($file, $async = true)
{
$sri = array_key_exists($file, $this->_variables['SRI']) ?
' integrity="' . $this->_variables['SRI'][$file] . '"' : '';
$suffix = preg_match('#\d.js$#', $file) == 0 ?
'?' . rawurlencode($this->_variables['VERSION']) : '';
echo '<script ', $async ? 'async' : 'defer',
' type="text/javascript" data-cfasync="false" src="', $file,
$suffix, '"', $sri, ' crossorigin="anonymous"></script>', PHP_EOL;
}
}