WARNING: THIS SITE IS A MIRROR OF GITHUB.COM / IT CANNOT LOGIN OR REGISTER ACCOUNTS / THE CONTENTS ARE PROVIDED AS-IS / THIS SITE ASSUMES NO RESPONSIBILITY FOR ANY DISPLAYED CONTENT OR LINKS / IF YOU FOUND SOMETHING MAY NOT GOOD FOR EVERYONE, CONTACT ADMIN AT ilovescratch@foxmail.com
Skip to content

Commit 8a32b5c

Browse files
hartworkhartwork
authored
Start checking Subresource Integrity (SRI) (#29)
This prevents being owned by the CDN and also prevents regressions through pinning. Related: - https://en.wikipedia.org/wiki/Subresource_Integrity - https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
1 parent dd6c31e commit 8a32b5c

File tree

3 files changed

+12
-12
lines changed

3 files changed

+12
-12
lines changed

docs/quickstart.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -55,13 +55,13 @@ There, we need support for HTMX and Live Components:
5555
<meta name="htmx-config" content='{"defaultSwapStyle":"none","allowNestedOobSwaps":false}'>
5656

5757
<!-- HTMX and plugins -->
58-
<script src="https://unpkg.com/htmx.org@2.x.x"></script>
59-
<script src="https://unpkg.com/htmx-ext-json-enc@2.x.x/json-enc.js"></script>
60-
<script src="https://unpkg.com/htmx-ext-alpine-morph@2.x.x/alpine-morph.js"></script>
58+
<script src="https://unpkg.com/htmx.org@2.0.7/dist/htmx.min.js" integrity="sha256-YCMa5rqds4JesVomESLV9VkhxNU7Zr9jfcGLTuJ8efk=" crossorigin="anonymous"></script>
59+
<script src="https://unpkg.com/htmx-ext-json-enc@2.0.2/json-enc.js" integrity="sha256-n+FPqu23kscMGH4hmy2Ocv7ZKJE3UgXa2d/v4Y2azOo=" crossorigin="anonymous"></script>
60+
<script src="https://unpkg.com/htmx-ext-alpine-morph@2.0.1/alpine-morph.js" integrity="sha256-diqH7MmPdlWLfWOEw3QAq2HlqxYmGWy30JP864nBO2c=" crossorigin="anonymous"></script>
6161
<!-- Alpine Plugins -->
62-
<script defer src="https://unpkg.com/@alpinejs/morph@3.x.x/dist/cdn.min.js"></script>
62+
<script defer src="https://unpkg.com/@alpinejs/morph@3.15.0/dist/cdn.min.js" integrity="sha256-yc4QYrkTmE2o9PYBjxsweN9Z28PQ3PSozmsuzd4So5w=" crossorigin="anonymous"></script>
6363
<!-- Alpine Core -->
64-
<script defer src="https://unpkg.com/alpinejs@3.x.x/dist/cdn.min.js"></script>
64+
<script defer src="https://unpkg.com/alpinejs@3.15.0/dist/cdn.min.js" integrity="sha256-4EHxtjnR5rL8JzbY12OKQJr81ESm7JBEb49ORPo29AY=" crossorigin="anonymous"></script>
6565

6666
{% django_htmx_script %}
6767

example/myapp/components/chart/chart.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
{% load livecomponents %}
2-
<script src="https://cdnjs.cloudflare.com/ajax/libs/Chart.js/4.4.1/chart.umd.min.js"></script>
2+
<script src="https://cdnjs.cloudflare.com/ajax/libs/Chart.js/4.4.1/chart.umd.min.js" integrity="sha256-gf+v4Tw34bJXk7Ag1Eb02XOblJ2tt/n3nXCaDK14HC8=" crossorigin="anonymous"></script>
33
<div {% component_attrs component_id %}>
44

55
<div style="width: 800px; height: 400px;">

example/templates/base.html

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -9,15 +9,15 @@
99
<meta name="htmx-config" content='{"defaultSwapStyle":"none","allowNestedOobSwaps":false}'>
1010

1111
<!-- HTMX and plugins -->
12-
<script src="https://unpkg.com/htmx.org@2.x.x"></script>
13-
<script src="https://unpkg.com/htmx-ext-json-enc@2.x.x/json-enc.js"></script>
14-
<script src="https://unpkg.com/htmx-ext-alpine-morph@2.x.x/alpine-morph.js"></script>
12+
<script src="https://unpkg.com/htmx.org@2.0.7/dist/htmx.min.js" integrity="sha256-YCMa5rqds4JesVomESLV9VkhxNU7Zr9jfcGLTuJ8efk=" crossorigin="anonymous"></script>
13+
<script src="https://unpkg.com/htmx-ext-json-enc@2.0.2/json-enc.js" integrity="sha256-n+FPqu23kscMGH4hmy2Ocv7ZKJE3UgXa2d/v4Y2azOo=" crossorigin="anonymous"></script>
14+
<script src="https://unpkg.com/htmx-ext-alpine-morph@2.0.1/alpine-morph.js" integrity="sha256-diqH7MmPdlWLfWOEw3QAq2HlqxYmGWy30JP864nBO2c=" crossorigin="anonymous"></script>
1515
<!-- Alpine Plugins -->
16-
<script defer src="https://unpkg.com/@alpinejs/morph@3.x.x/dist/cdn.min.js"></script>
16+
<script defer src="https://unpkg.com/@alpinejs/morph@3.15.0/dist/cdn.min.js" integrity="sha256-yc4QYrkTmE2o9PYBjxsweN9Z28PQ3PSozmsuzd4So5w=" crossorigin="anonymous"></script>
1717
<!-- Alpine Core -->
18-
<script defer src="https://unpkg.com/alpinejs@3.x.x/dist/cdn.min.js"></script>
18+
<script defer src="https://unpkg.com/alpinejs@3.15.0/dist/cdn.min.js" integrity="sha256-4EHxtjnR5rL8JzbY12OKQJr81ESm7JBEb49ORPo29AY=" crossorigin="anonymous"></script>
1919
<!-- Hyperscript optional dependency -->
20-
<script src="https://unpkg.com/[email protected].x"></script>
20+
<script src="https://unpkg.com/[email protected].14/dist/_hyperscript.min.js" integrity="sha256-PoNKP/wDNP7lTs/043pq6VHNg+baqWZRynz9j3Ua1NI=" crossorigin="anonymous"></script>
2121
{% django_htmx_script %}
2222

2323
{% component_css_dependencies %}

0 commit comments

Comments
 (0)