asset_bom_removal-rails 0.0.0 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/README.md +3 -3
- data/lib/asset_bom_removal/rails/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a279fa505b26ae133d589793a3e8dbaa44a15f70
|
|
4
|
+
data.tar.gz: f8fff0e413f923bda7b32cd4f70c66c47b156fc5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 52ad807c5ea9ad11d25f735f6ca24dc1069914e876560d49004b454caf332e4b1f46419f00980e0663cb7781b21f898ca4cb01aadda7763276f92b13cfb6d0d8
|
|
7
|
+
data.tar.gz: a80d661216b619a5f4cb34069528f8de38b0f24743ccd6eadef36cae605abc4b5b148835f6039b7af72dc28d8e7df559034d182fb18625384f58db1422c6c091
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -2,14 +2,14 @@
|
|
|
2
2
|
|
|
3
3
|
This gem hooks into [Rails `assets:precompile` task](http://guides.rubyonrails.org/asset_pipeline.html#precompiling-assets) and removes the BOM from any CSS files (and their gzipped versions) in the asset root.
|
|
4
4
|
|
|
5
|
-
We do this because we want to use [SRI](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) on our assets, but [a bug in Firefox versions < 52](https://bugzilla.mozilla.org/show_bug.cgi?id=1269241) means it calculates the hash incorrectly when the CSS asset has a [BOM](https://en.wikipedia.org/wiki/Byte_order_mark#UTF-8) and refuses to load the asset. The BOM is [generated by SASS versions > 3.4](https://github.com/sass/sass/blob/3.4.0/lib/sass/tree/visitors/to_css.rb#L131-L140) and in the versions of rails, sass, sprockets, sass-rails, and sprockets-rails we use it is impossible to configure SASS to stop doing this (as mentioned [in the sass-rails readme](https://github.com/rails/sass-rails/blob/v4.0.0/README.md#configuration) from version 4.0+).
|
|
5
|
+
We do this because we want to use [SRI](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) on our assets, but [a bug in Firefox versions < 52](https://bugzilla.mozilla.org/show_bug.cgi?id=1269241) means it calculates the hash incorrectly when the CSS asset has a [UTF-8 BOM](https://en.wikipedia.org/wiki/Byte_order_mark#UTF-8) and refuses to load the asset. The BOM is [generated by SASS versions > 3.4](https://github.com/sass/sass/blob/3.4.0/lib/sass/tree/visitors/to_css.rb#L131-L140) when the CSS file includes utf-8 characters and in the versions of rails, sass, sprockets, sass-rails, and sprockets-rails we use it is impossible to configure SASS to stop doing this (as mentioned [in the sass-rails readme](https://github.com/rails/sass-rails/blob/v4.0.0/README.md#configuration) from version 4.0+).
|
|
6
6
|
|
|
7
7
|
## Installation
|
|
8
8
|
|
|
9
9
|
Add this line to your application's Gemfile:
|
|
10
10
|
|
|
11
11
|
```ruby
|
|
12
|
-
gem '
|
|
12
|
+
gem 'asset_bom_removal-rails'
|
|
13
13
|
```
|
|
14
14
|
|
|
15
15
|
And then execute:
|
|
@@ -34,7 +34,7 @@ After checking out the repo, run `bundle install` to install dependencies. Then,
|
|
|
34
34
|
|
|
35
35
|
## Contributing
|
|
36
36
|
|
|
37
|
-
Bug reports and pull requests are welcome on GitHub at https://github.com/alphagov/
|
|
37
|
+
Bug reports and pull requests are welcome on GitHub at https://github.com/alphagov/asset_bom_removal-rails.
|
|
38
38
|
|
|
39
39
|
## License
|
|
40
40
|
|