Add SRI for static assets
Will extract out into a library someday
parent
15c25e5cdb
commit
2d7dea438f
3 changed files with 59 additions and 4 deletions
|
@ -1,4 +1,5 @@
|
||||||
{% load static %}
|
{% load static %}
|
||||||
|
{% load sri %}
|
||||||
|
|
||||||
<!DOCTYPE HTML>
|
<!DOCTYPE HTML>
|
||||||
<html lang="en" dir="ltr">
|
<html lang="en" dir="ltr">
|
||||||
|
@ -13,8 +14,10 @@
|
||||||
<link rel="icon" type="image/png" href='{% static "img/logo-transparent.png" %}'/>
|
<link rel="icon" type="image/png" href='{% static "img/logo-transparent.png" %}'/>
|
||||||
|
|
||||||
<title>{% block title %}{% endblock %} :: TheOrangeOne</title>
|
<title>{% block title %}{% endblock %} :: TheOrangeOne</title>
|
||||||
<link rel="stylesheet" href="{% static 'css/font-awesome.min.css' %}" />
|
|
||||||
<link rel="stylesheet" href="{% static 'css/index.css' %}" />
|
{% sri_css "css/font-awesome.min.css" %}
|
||||||
|
{% sri_css "css/index.css" %}
|
||||||
|
|
||||||
</head>
|
</head>
|
||||||
<body class="{{ view_name }}">
|
<body class="{{ view_name }}">
|
||||||
<header id="top">
|
<header id="top">
|
||||||
|
@ -47,8 +50,9 @@
|
||||||
</footer>
|
</footer>
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
|
||||||
<script type="text/javascript" src="{% static 'js/materialize.min.js' %}"></script>
|
|
||||||
<script type="text/javascript" src="{% static 'js/index.js' %}"></script>
|
{% sri_js "js/materialize.min.js" %}
|
||||||
|
{% sri_js "js/index.js" %}
|
||||||
|
|
||||||
{% block extrascripts %}{% endblock %}
|
{% block extrascripts %}{% endblock %}
|
||||||
</body>
|
</body>
|
||||||
|
|
0
website/common/templatetags/__init__.py
Normal file
0
website/common/templatetags/__init__.py
Normal file
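--- a/website/common/templatetags/sri.py
+++ b/website/common/templatetags/sri.py
@@ -0,0 +1,51 @@
+# Based off https://github.com/claudep/django/commit/89aa4c04dbffcbafc05c3e2053b2262be8de4d3d
+
+import base64
+import hashlib
+import os
+from functools import lru_cache
+
+from django import template
+from django.conf import settings
+from django.templatetags.static import static
+from django.utils.safestring import mark_safe
+
+register = template.Library()
+
+
+@lru_cache
+def generate_sha256(path):
+with open(path, "r") as f:
+body = f.read()
+digest = hashlib.sha256(body.encode()).digest()
+sha = base64.b64encode(digest).decode()
+return "sha256-{}".format(sha)
+
+
+def attrs_to_str(attrs):
+return " ".join('{}="{}"'.format(k, v) for k, v in attrs.items())
+
+
+@register.simple_tag
+def sri_js(url):
+path = os.path.join(settings.STATIC_ROOT, url)
+attrs = {
+"href": static(url),
+"type": "text/javascript",
+"integrity": generate_sha256(path),
+"crossorigin": "anonymous",
+}
+return mark_safe(f"<script {attrs_to_str(attrs)}></script>")
+
+
+@register.simple_tag
+def sri_css(url):
+path = os.path.join(settings.STATIC_ROOT, url)
+attrs = {
+"href": static(url),
+"type": "text/css",
+"rel": "stylesheet",
+"integrity": generate_sha256(path),
+"crossorigin": "anonymous",
+}
+return mark_safe(f"<link {attrs_to_str(attrs)}/>")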
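Review bot: `sri_js` puts the URL under `"href"`, but a `<script>` element loads from `src`, so the generated tag carries an `integrity` value and fetches nothing; the entry should read `"src": static(url),`. Separately, `generate_sha256` opens the file in text mode and hashes `body.encode()`, so newline translation or a locale-dependent default encoding can give a digest that differs from the bytes actually served, in which case the browser refuses the asset; `with open(path, "rb") as f:` followed by `digest = hashlib.sha256(f.read()).digest()` hashes the file as it is on disk. The bare `@lru_cache` is keyed on the path only and never invalidated, so a long-running process keeps the old digest after the file is replaced. `attrs_to_str` interpolates values unescaped into a string that is then passed to `mark_safe`; that holds while every `url` is a template literal, but building the tag with `django.utils.html.format_html` would keep it safe if a caller ever passes a variable.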