Generate SRI integrity hashes into html

to prevent loading of scripts which were modified on the network transport Signed-off-by: Knut Ahlers <knut@ahlers.me>
2025-05-31 11:54:16 -04:00 · 2018-05-05 19:08:02 +02:00 · 2018-05-05 19:08:02 +02:00 · 7aaf7a7f53
commit 7aaf7a7f53
parent a7c4c584cc
5 changed files with 163 additions and 139 deletions
--- a/frontend/index.html
+++ b/frontend/index.html
@ -6,9 +6,9 @@
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">

-    <link rel="stylesheet" href="/css/bootstrap.min.css" />
-    <link rel="stylesheet" href="/css/bootswatch.min.css" />
-		<link rel="stylesheet" href="/css/fontawesome-all.min.css" />
+    <link rel="stylesheet" href="/css/bootstrap.min.css" integrity="{{SRIHash `/css/bootstrap.min.css`}}" />
+    <link rel="stylesheet" href="/css/bootswatch.min.css" integrity="{{SRIHash `/css/bootswatch.min.css`}}" />
+    <link rel="stylesheet" href="/css/fontawesome-all.min.css" integrity="{{SRIHash `/css/fontawesome-all.min.css`}}" />

    <title>OTS - One Time Secrets</title>

@ -122,11 +122,11 @@
      </div>
    </div>

-		<script src="/js/jquery.min.js"></script>
-    <script src="/js/popper.min.js"></script>
-    <script src="/js/bootstrap.min.js"></script>
-    <script src="/js/gibberish-aes.min.js"></script>
-    <script src="application.js"></script>
+    <script src="/js/jquery.min.js" integrity="{{SRIHash `/js/jquery.min.js`}}"></script>
+    <script src="/js/popper.min.js" integrity="{{SRIHash `/js/popper.min.js`}}"></script>
+    <script src="/js/bootstrap.min.js" integrity="{{SRIHash `/js/bootstrap.min.js`}}"></script>
+    <script src="/js/gibberish-aes.min.js" integrity="{{SRIHash `/js/gibberish-aes.min.js`}}"></script>
+    <script src="application.js" integrity="{{SRIHash `application.js`}}"></script>
  </body>
 </html>