Differential D451

Subresource Integrity
ClosedPublic
Actions

Authored by dereckson on Jul 2 2016, 15:29.

Details

Reviewers

dereckson

Commits

rGROVEdafb55ce332b: Subresource Integrity

Summary

SRI is a new specification allowing to associate a hash to a resource file.

This allows to trust external CDNs to serve the exact file we computed the hash.
If not, for example because of a MITM attack, browser will block the resource.

Side edit: ' → " as HTML attributes delimiters.

Test Plan

Visit pages and check each resources are correcty loaded.

Diff Detail

Repository

rGROVE Auth Grove

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

dereckson updated this revision to Diff 1092.Jul 2 2016, 15:29

dereckson retitled this revision from to Subresource Integrity.

dereckson updated this object.

dereckson edited the test plan for this revision. (Show Details)

Hashes generated through https://www.srihash.org/ managed by Mozilla, and tested under Chrome 51.

This revision is now accepted and ready to land.Jul 2 2016, 15:33

Closed by commit rGROVEdafb55ce332b: Subresource Integrity (authored by dereckson, committed by dereckson). · Explain WhyJul 2 2016, 15:34

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

resources/

views/

app.blade.php

8 lines

auth/

master.blade.php

6 lines

Diff 1093

View Options

resources/views/app.blade.php