Generate SRI integrity hashes into html

to prevent loading of scripts which were modified on the network transport Signed-off-by: Knut Ahlers <knut@ahlers.me>
2025-05-14 20:12:23 -04:00 · 2018-05-05 19:08:02 +02:00 · 2018-05-05 19:08:02 +02:00 · 7aaf7a7f53
commit 7aaf7a7f53
parent a7c4c584cc
5 changed files with 163 additions and 139 deletions
--- a/tplFuncs.go
+++ b/tplFuncs.go
@ -0,0 +1,22 @@
+package main
+
+import (
+	"crypto/sha512"
+	"encoding/base64"
+	"path"
+	"text/template"
+)
+
+var tplFuncs = template.FuncMap{
+	"SRIHash": assetSRIHash,
+}
+
+func assetSRIHash(assetName string) string {
+	data := MustAsset(path.Join("frontend", assetName))
+
+	h := sha512.New384()
+	h.Write(data)
+	sum := h.Sum(nil)
+
+	return "sha384-" + base64.StdEncoding.EncodeToString(sum)
+}