From 54af457d8eec29370bec3f7c2a8d42d564554010 Mon Sep 17 00:00:00 2001 From: Jake Howard Date: Thu, 1 Sep 2022 08:36:39 +0100 Subject: [PATCH] Add SRI --- requirements/base.in | 1 + requirements/base.txt | 3 ++- requirements/dev.txt | 3 ++- website/common/templates/base.html | 14 +++++++------- website/common/templates/common/content_page.html | 11 ++++++----- website/search/templates/search/search_page.html | 4 ++-- website/settings.py | 1 + 7 files changed, 21 insertions(+), 16 deletions(-) diff --git a/requirements/base.in b/requirements/base.in index d6b0533..d9216cf 100644 --- a/requirements/base.in +++ b/requirements/base.in @@ -21,6 +21,7 @@ drf-yasg django-plausible sentry-sdk wagtail-favicon +django-sri # Pinned due to lack of Wagtail 3 support git+https://github.com/wagtail/wagtail-autocomplete@03f46a0c256989690d0a43fc21fe0f37f9ede765 diff --git a/requirements/base.txt b/requirements/base.txt index a230cc6..6d473a6 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -15,7 +15,7 @@ click==8.1.3 # via rq coreapi==2.3.3 # via drf-yasg coreschema==0.0.4 # via coreapi, drf-yasg deprecated==1.2.13 # via redis -django==4.0.6 # via -r requirements/base.in, django-filter, django-htmx, django-modelcluster, django-permissionedforms, django-plausible, django-redis, django-rq, django-taggit, django-treebeard, djangorestframework, drf-yasg, wagtail +django==4.0.6 # via -r requirements/base.in, django-filter, django-htmx, django-modelcluster, django-permissionedforms, django-plausible, django-redis, django-rq, django-sri, django-taggit, django-treebeard, djangorestframework, drf-yasg, wagtail django-environ==0.9.0 # via -r requirements/base.in django-filter==21.1 # via wagtail django-htmx==1.12.1 # via -r requirements/base.in @@ -24,6 +24,7 @@ django-permissionedforms==0.1 # via wagtail django-plausible==0.3.0 # via -r requirements/base.in django-redis==5.2.0 # via -r requirements/base.in django-rq==2.5.1 # via -r requirements/base.in +django-sri==0.4.0 # via -r requirements/base.in django-taggit==2.1.0 # via wagtail django-treebeard==4.5.1 # via wagtail djangorestframework==3.13.1 # via -r requirements/base.in, drf-yasg, wagtail diff --git a/requirements/dev.txt b/requirements/dev.txt index 1489170..2dd0c64 100644 --- a/requirements/dev.txt +++ b/requirements/dev.txt @@ -20,7 +20,7 @@ coreschema==0.0.4 # via -r requirements/base.txt, coreapi, drf-yasg coverage==6.4.4 # via -r requirements/dev.in curlylint==0.13.1 # via -r requirements/dev.in deprecated==1.2.13 # via -r requirements/base.txt, redis -django==4.0.6 # via -r requirements/base.txt, django-browser-reload, django-debug-toolbar, django-filter, django-htmx, django-modelcluster, django-permissionedforms, django-plausible, django-redis, django-rq, django-taggit, django-treebeard, djangorestframework, drf-yasg, wagtail +django==4.0.6 # via -r requirements/base.txt, django-browser-reload, django-debug-toolbar, django-filter, django-htmx, django-modelcluster, django-permissionedforms, django-plausible, django-redis, django-rq, django-sri, django-taggit, django-treebeard, djangorestframework, drf-yasg, wagtail django-browser-reload==1.6.0 # via -r requirements/dev.in django-debug-toolbar==3.5.0 # via -r requirements/dev.in django-environ==0.9.0 # via -r requirements/base.txt @@ -31,6 +31,7 @@ django-permissionedforms==0.1 # via -r requirements/base.txt, wagtail django-plausible==0.3.0 # via -r requirements/base.txt django-redis==5.2.0 # via -r requirements/base.txt django-rq==2.5.1 # via -r requirements/base.txt +django-sri==0.4.0 # via -r requirements/base.txt django-taggit==2.1.0 # via -r requirements/base.txt, wagtail django-treebeard==4.5.1 # via -r requirements/base.txt, wagtail djangorestframework==3.13.1 # via -r requirements/base.txt, drf-yasg, wagtail diff --git a/website/common/templates/base.html b/website/common/templates/base.html index c220771..a97d752 100644 --- a/website/common/templates/base.html +++ b/website/common/templates/base.html @@ -1,4 +1,4 @@ -{% load static wagtailcore_tags wagtailuserbar navbar_tags footer_tags cache plausible_wagtail favicon_tags %} +{% load static wagtailcore_tags wagtailuserbar navbar_tags footer_tags cache plausible_wagtail favicon_tags sri %} @@ -23,9 +23,9 @@ {% block extra_head %}{% endblock %} - - - + {% sri_static "css/base.css" %} + {% sri_static "contrib/fontawesome/css/all.min.css" %} + {% sri_static "contrib/fira-code/fira_code.css" %} {% block extra_css %}{% endblock %} @@ -47,11 +47,11 @@ {% footer %} {% endcache %} - - + + {# Not async to avoid bright flashes #} - + {% block extra_js %}{% endblock %} diff --git a/website/common/templates/common/content_page.html b/website/common/templates/common/content_page.html index db7adac..bd1abaf 100644 --- a/website/common/templates/common/content_page.html +++ b/website/common/templates/common/content_page.html @@ -1,6 +1,6 @@ {% extends "wagtail_base.html" %} -{% load static %} +{% load static sri %} {% block content %} {% if page.body_html %} @@ -11,12 +11,13 @@ {% endblock %} {% block extra_css %} - - + {% sri_static "css/lite-youtube-embed.css" %} + {% sri_static "contrib/shareon/shareon.min.css" %} + {% endblock %} {% block extra_js %} - - + + {% endblock %} diff --git a/website/search/templates/search/search_page.html b/website/search/templates/search/search_page.html index 701ee1b..4c85007 100644 --- a/website/search/templates/search/search_page.html +++ b/website/search/templates/search/search_page.html @@ -1,6 +1,6 @@ {% extends "common/content_page.html" %} -{% load static %} +{% load static sri %} {% block post_content %}
@@ -41,5 +41,5 @@ {% block extra_js %} {{ block.super }} - + {% endblock %} diff --git a/website/settings.py b/website/settings.py index 6505db1..654d047 100644 --- a/website/settings.py +++ b/website/settings.py @@ -68,6 +68,7 @@ INSTALLED_APPS = [ "wagtail_favicon", "plausible", "plausible.contrib.wagtail", + "sri", "django.contrib.auth", "django.contrib.contenttypes", "django.contrib.sessions",