Skip to content
/ integrity Public
forked from kyleconroy/integrity

Subresource integrity: Generate and verify integrity digests

License

MIT license
0 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

equinox-io/integrity

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
testdata
testdata
 
 
.travis.yml
.travis.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
integrity.go
integrity.go
 
 
integrity_test.go
integrity_test.go
 
 

Repository files navigation

stakmachine/integrity

GoDoc Build Status

stackmachine/integrity makes it easy to enable subresource integrity for your web applications.

Install

dep ensure github.com/stackmachine/integrity

Usage

package main

import (
    "fmt"

    "github.com/stackmachine/integrity"
)

func main() {
    // Calculate SHA512 digests for all your static assets
    fs, err := integrity.ParseFiles("static")
    if err != nil {
        panic(err)
    }

    // Return the digest for a given file path, returning an error if it
    // doesn't exist.
    sha, err := fs.Digest("css/style.css")
    if err != nil {
        panic(err)
    }

    // Set the `integrity` parameter on a script or link element
    fmt.Printf(`<script type="javascript" integrity="%s" src="...">`, sha)
}

The integrity package also ships with a http.Handler that checks if an included digest is valid.

package main

import (
    "net/http"
    
    "github.com/stackmachine/integrity"
)

func main() {
    fs, err := integrity.ParseFiles("static")
    if err != nil {
        panic(err)
    }

    handler := http.FileServer(http.Dir("testdata"))
    handler = integrity.Verify(handler, fs)
    handler = http.StripPrefix("/static/", handler)

    // 200 - GET /static/css/style.css 
    // 200 - GET /static/css/style.css?sha=sha512-valid
    // 404 - GET /static/css/style.css?sha=sha512-invalid
    http.ListenAndServe(handler, nil)
}

About

Subresource integrity: Generate and verify integrity digests

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages

  • JavaScript 52.0%
  • CSS 36.5%
  • Go 11.5%