SHA256 Subresource Integrity of dependencies #8

aardbol · 2019-06-08T09:30:33Z

By viewing the source code, it should be immediately clear that the JavaScript/CSS dependencies have not been modified since the user's last visit, to allow for more transparency of changes to the code. We can improve this by adding the Subresource Integrity sha256 hashes to the script and stylesheet elements.

Every time a dependency is upgraded, the hash will be updated and added to this issue for transparency.

Current hashes:

jquery-3.4.1.js
sha256-WpOohJOqMqqyKL9FccASB9O0KwACQJpFTUBLTYOVvVU=

semantic-2.7.5.js
sha256-/fbdRVqLH/oOOtOg/Eb0A1ttDWTJn6L6yxhO2HC/+yg=

xxtea.js
sha256-FeTvtpHz0E1sewBokHlUBIwlYAx0yA7f9m+KVHvEJCY=

semantic-2.7.5.css
sha256-3a0+mzIiHF2Wt5DvkjjoX0+M9otO3KTaMaqhaSwVZXg=

custom.css
sha256-kh6gVNFTId2fxJriixeeDfo5X8rK0ZW9i81infWYch8=

The text was updated successfully, but these errors were encountered:

aardbol pinned this issue Jun 8, 2019

aardbol mentioned this issue Jun 8, 2019

Add SRI to dependencies #7

Closed

aardbol added a commit that referenced this issue Jun 30, 2019

add integrity hashes for about and security pages #8

3bbe41f

aardbol added a commit that referenced this issue Jun 30, 2019

added SRI has for custom.css #8

44e6401

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SHA256 Subresource Integrity of dependencies #8

SHA256 Subresource Integrity of dependencies #8

aardbol commented Jun 8, 2019 •

edited

Loading

SHA256 Subresource Integrity of dependencies #8

SHA256 Subresource Integrity of dependencies #8

Comments

aardbol commented Jun 8, 2019 • edited Loading

aardbol commented Jun 8, 2019 •

edited

Loading