From 49fa5cdd26fe364bcd8d898c6d79f2d23254d7d9 Mon Sep 17 00:00:00 2001 From: City of Vernonia GIS Date: Tue, 15 Jan 2019 09:51:48 -0800 Subject: [PATCH] docs(cdn): add sri hashes --- docs/acetate.config.js | 69 ++++++++++++++++++++++++++++++++++++++ docs/src/api/_package.html | 2 ++ package-lock.json | 8 ++++- package.json | 1 + 4 files changed, 79 insertions(+), 1 deletion(-) diff --git a/docs/acetate.config.js b/docs/acetate.config.js index d08d10de18..e4950bac72 100644 --- a/docs/acetate.config.js +++ b/docs/acetate.config.js @@ -5,7 +5,47 @@ const _ = require("lodash"); const IS_DEV = process.env.ENV !== "prod"; +const pkgVersion = process.env.npm_package_version; +const request = require("request"); +const sriToolbox = require("sri-toolbox"); + +const packages = [ + "auth", + "common", + "feature-service", + "feature-service-admin", + "geocoder", + "groups", + "items", + "request", + "routing", + "sharing", + "users" +]; + +const sriHashes = {}; + +generateSriHashes = () => { + packages.forEach(pkg => { + const url = `http://unpkg.com/@esri/arcgis-rest-${pkg}@${pkgVersion}/dist/umd/${pkg}.umd.min.js`; + request(url, (err, res, body) => { + if (err) { + sriHashes[pkg] = "SRI_HASH_FAILED"; + } else { + sriHashes[pkg] = sriToolbox.generate({ + algorithms: ["sha384"] + }, body); + } + }); + }); +}; + module.exports = function(acetate) { + /** + * Generate SRI hashes for dist minified js files. + */ + generateSriHashes(); + /** * Load all .html and markdown pages in the `src` folder, assigning them a * default layout. @@ -212,6 +252,35 @@ module.exports = function(acetate) { }@${package.version}/dist/umd/${package.name.replace("@esri/arcgis-rest-", "")}.umd.min.js"></script>`; }); + acetate.helper("scriptTagSRI", function(context, package) { + const hash = sriHashes[package.name.replace("@esri/arcgis-rest-", "")] || null; + if (hash) { + // if file request failed on doc deploy return basic script tag + if (hash === "SRI_HASH_FAILED") { + return `<script src="https://unpkg.com/${ + package.name + }@${ + package.version + }/dist/umd/${ + package.name.replace("@esri/arcgis-rest-", "") + }.umd.min.js"></script>`; + } else { + return `<script src="https://unpkg.com/${ + package.name + }@${ + package.version + }/dist/umd/${ + package.name.replace("@esri/arcgis-rest-", "") + }.umd.min.js" integrity="${ + hash + }" crossorigin="anonymous"></script>`; + } + } else { + // common-types has no browser + return `This is a development package. Not avaiable via CDN.`; + } + }); + acetate.helper("npmInstallCmd", function(context, package) { const peers = package.peerDependencies ? Object.keys(package.peerDependencies).map( diff --git a/docs/src/api/_package.html b/docs/src/api/_package.html index f973826872..2bea30f2a2 100644 --- a/docs/src/api/_package.html +++ b/docs/src/api/_package.html @@ -5,6 +5,8 @@

npm install:

{% npmInstallCmd pkg %}

CDN:

{% scriptTag pkg %}
+

SRI:

+
{% scriptTagSRI pkg %}