search

sorry-app / status-bar

Display your Sorryβ„’ status updates on your website and helpdesk.
https://www.sorryapp.com/notifications/
Apache License 2.0
10 stars 4 forks source link

Add Subresource Integrity to the readme #61

Open tvb opened 5 years ago

tvb commented 5 years ago

SRI is a new W3C specification that allows web developers to ensure that resources hosted on third-party servers have not been tampered with. Use of SRI is recommended as a best-practice, whenever libraries are loaded from a third-party source.

It would be great to provide the sha256 hashes for each version in the readme

SirRawlins commented 5 years ago

Thanks for this suggestion too - sounds good, I shall take a look and see what we can do. πŸ‘

On Wed, 19 Sep 2018, 21:02 Tristan, notifications@github.com wrote:

SRI is a new W3C specification that allows web developers to ensure that resources hosted on third-party servers have not been tampered with. Use of SRI is recommended as a best-practice, whenever libraries are loaded from a third-party source.

It would be great to provide the sha256 hashes for each version in the readme

β€” You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/sorry-app/status-bar/issues/61, or mute the thread https://github.com/notifications/unsubscribe-auth/AAtiK7si6_lfuoRT7aKiWTDe6k7-pVueks5ucqLTgaJpZM4Ww334 .

tvb commented 5 years ago

@SirRawlins any update?

SirRawlins commented 5 years ago

@tvb I did take a look at this, but the current grunt-sri tool we'd want to drop in looks a little limited, and outdated. Would be great to get this added but for the moment it's not a high priority.

I'm going to leave the issue open though, as don't want to forget about it. πŸ˜„

tvb commented 9 months ago

@SirRawlins did you perhaps forget about it still? πŸ˜‡