From b79056d561da29ad1aeef08276f7ca447131402a Mon Sep 17 00:00:00 2001 From: mat ess Date: Sat, 13 Aug 2022 01:18:01 -0400 Subject: [PATCH] Use Sub Resource Integrity --- config.toml | 11 ++++++----- templates/partials/header.html | 2 +- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/config.toml b/config.toml index 55f1a73..7b5e167 100644 --- a/config.toml +++ b/config.toml @@ -25,12 +25,13 @@ favicon = "/favicon.svg" stylesheets = [] use_cdn = true +# include hashes for SRI cdns = [ - "https://cdn.jsdelivr.net/npm/firacode@6.2.0/distr/fira_code.min.css", - "https://cdn.jsdelivr.net/gh/orioncactus/pretendard@v1.3.5/dist/web/static/pretendard-std-dynamic-subset.min.css", - "https://cdn.jsdelivr.net/gh/orioncactus/pretendard@v1.3.5/dist/web/variable/pretendardvariable-std.min.css", - "https://cdn.jsdelivr.net/gh/codex-src/iA-Fonts@master/iA%20Writer%20Quattro/Webfonts/index.min.css", - "https://cdn.jsdelivr.net/gh/codex-src/iA-Fonts@master/iA%20Writer%20Quattro/Variable/index.min.css", + { url = "https://cdn.jsdelivr.net/npm/firacode@6.2.0/distr/fira_code.min.css", hash = "sWIpcFPnJFfPqQU7FWn8H9+Xax/h5ihI8hVjQTBa5WmUde6CZZLw9DUAaIyA6j5u" }, + { url = "https://cdn.jsdelivr.net/gh/orioncactus/pretendard@v1.3.5/dist/web/static/pretendard-std-dynamic-subset.min.css", hash = "UzN3sOqBetZN9G2CDFfxg1PNJ+Qrv8/HZIoBp6XsCD+2DOehpvXGqkj2WFCNge5Q" }, + { url = "https://cdn.jsdelivr.net/gh/orioncactus/pretendard@v1.3.5/dist/web/variable/pretendardvariable-std.min.css", hash = "3OYJp8uUv2MJWyKGgrZOrSjf+WP+nD7ifpJ04kAsI02PYi+nghC4TF37YkN/2Qxt" }, + { url = "https://cdn.jsdelivr.net/gh/codex-src/iA-Fonts@master/iA%20Writer%20Quattro/Webfonts/index.min.css", hash = "Vx6OU3QBwm96rTUebUtdfD/AW3d3uzT896pixaUYg9Nb87zqHuXmjmv9aGwBmFjP" }, + { url = "https://cdn.jsdelivr.net/gh/codex-src/iA-Fonts@master/iA%20Writer%20Quattro/Variable/index.min.css", hash = "sFJyxW2UhZcJ0SAweDcoU6dBgqox5PbLK5nZStQSQitBeRHigPu7OPWDvoIHEXeo" }, ] menu = [ diff --git a/templates/partials/header.html b/templates/partials/header.html index 967648e..2917f90 100644 --- a/templates/partials/header.html +++ b/templates/partials/header.html @@ -26,7 +26,7 @@ {# Font from cdn or disk #} {% if config.extra.use_cdn | default(value=false) %} {% for cdn in config.extra.cdns %} - + {% endfor %} {% else %}