jekyll-kw-sri 0.0.2 → 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/LICENSE +21 -0
- data/README.md +39 -14
- data/_includes/kw-integrity-css.html +42 -0
- data/_includes/kw-integrity-js.html +1 -0
- data/lib/jekyll-kw-sri.rb +12 -26
- data/lib/jekyll-kw-sri/parser.rb +1 -1
- data/lib/version.rb +1 -1
- metadata +4 -1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 819489bf76dbdfc30a65dea0be4194cf7e5413feb9cdf466b2fc016ebc5d548c
|
4
|
+
data.tar.gz: adfe552b0323b916bd2ac982f55ba77edacdd69c42c5a96c88956e579f2f3dfd
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9636fd290730383df237c912a2db7e0d665894a8f6fe880ffafbf6ea5e11a09fa2277cc39f86885926a14373b0309121d5d088cb7f82128f82dd1a14e4d03da3
|
7
|
+
data.tar.gz: 549d6ff11bc9789e295d87840339f16108482308961945d3bc22faae6b76280c6364f2521cf5e8e406a7d391b576f7153d48603249d587ddbffc1b1ddd81c480
|
data/LICENSE
ADDED
@@ -0,0 +1,21 @@
|
|
1
|
+
MIT License
|
2
|
+
|
3
|
+
Copyright (c) 2020 n13.org
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
7
|
+
in the Software without restriction, including without limitation the rights
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
10
|
+
furnished to do so, subject to the following conditions:
|
11
|
+
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
13
|
+
copies or substantial portions of the Software.
|
14
|
+
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
21
|
+
SOFTWARE.
|
data/README.md
CHANGED
@@ -8,9 +8,14 @@ A plugin for jekyll to calculate [Subresource Integrity][Wikipedia SRI] (SRI) ha
|
|
8
8
|
|
9
9
|
from [Mozilla docs][Mozilla Subresource Integrity]
|
10
10
|
|
11
|
+
## Changelog
|
12
|
+
|
13
|
+
* 0.0.x Add the custom tag `{% sri_scss_hash %}`
|
14
|
+
* 0.1.0 Add html iclude files to use them with `{% include kw-integrity-css.html %}` or `{% include kw-integrity-js.html %}`
|
15
|
+
|
11
16
|
## Configuration
|
12
17
|
|
13
|
-
Add `kw-sri` section to `_config.yml` configure the plugin globally.
|
18
|
+
Add `kw-sri` section to `_config.yml` configure the plugin globally. If you want to use defauls you can ommit the config-section.
|
14
19
|
|
15
20
|
```yaml
|
16
21
|
kw-sri:
|
@@ -27,18 +32,46 @@ kw-sri:
|
|
27
32
|
| hash_type | Which kind of integrity hash | sha256, **sha384**, sha512 |
|
28
33
|
| write_source_mapping_url | Add the map-file like to the css | false, **true** |
|
29
34
|
|
30
|
-
|
35
|
+
## Action Items / Shell commands
|
31
36
|
|
32
|
-
|
37
|
+
Run linting and tests
|
33
38
|
|
34
|
-
|
39
|
+
```sh
|
40
|
+
bundle exec rubocop
|
41
|
+
bundle exec rake test
|
42
|
+
```
|
35
43
|
|
36
|
-
|
44
|
+
Build gem package
|
37
45
|
|
38
46
|
```sh
|
39
|
-
bundle exec rake
|
47
|
+
bundle exec rake build
|
48
|
+
```
|
49
|
+
|
50
|
+
Publish gem package
|
51
|
+
|
52
|
+
```sh
|
53
|
+
bundle exec rake release
|
40
54
|
```
|
41
55
|
|
56
|
+
Calc a SRI Integrity hash of `./style.css` in format `sha256`
|
57
|
+
|
58
|
+
```shell
|
59
|
+
openssl dgst -sha256 -binary ./style.css | openssl base64 -A
|
60
|
+
```
|
61
|
+
|
62
|
+
Calc different **SRI integrity** hash-files from `css-files` (same is valid for `js-files`) in format `sha256`, `sha384` and `sha512` inside a **Makefile**
|
63
|
+
|
64
|
+
```plain
|
65
|
+
calc-integrity-files:
|
66
|
+
for strength in 256 384 512 ; do \
|
67
|
+
cat ./assets/css/style.min.css | openssl dgst -sha$$strength -binary | openssl base64 -A > ./_includes/integrity/style.min.css.sha$$strength ; \
|
68
|
+
cat ./assets/css/main.css | openssl dgst -sha$$strength -binary | openssl base64 -A > ./_includes/integrity/main.css.sha$$strength ; \
|
69
|
+
cat ./assets/js/script.js | openssl dgst -sha$$strength -binary | openssl base64 -A > ./_includes/integrity/script.js.sha$$strength ; \
|
70
|
+
done
|
71
|
+
```
|
72
|
+
|
73
|
+
## Notes / Hints
|
74
|
+
|
42
75
|
### Appraisal - Gemfile Generator
|
43
76
|
|
44
77
|
[GitHub](https://github.com/thoughtbot/appraisal)
|
@@ -50,8 +83,6 @@ bundle exec rake test
|
|
50
83
|
bundle exec appraisal generate
|
51
84
|
```
|
52
85
|
|
53
|
-
## Notes / Hints
|
54
|
-
|
55
86
|
### Site context is empty
|
56
87
|
|
57
88
|
Inside the `render(context)` function of a `Liquid::Tag` there is a context object. With that context you can get the `site` object, anyhow when you want to cretae your temporry **site** and **context** you need a workaround.
|
@@ -92,12 +123,6 @@ converter = if defined? site.find_converter_instance
|
|
92
123
|
end
|
93
124
|
```
|
94
125
|
|
95
|
-
## SRI Integrity
|
96
|
-
|
97
|
-
```shell
|
98
|
-
openssl dgst -sha256 -binary ./style.css | openssl base64 -A
|
99
|
-
```
|
100
|
-
|
101
126
|
## Setup Steps
|
102
127
|
|
103
128
|
```sh
|
@@ -0,0 +1,42 @@
|
|
1
|
+
{% assign para_file = include.file | default: "main.scss" %}
|
2
|
+
{% assign para_path = include.path | default: "assets/css/" %}
|
3
|
+
{% assign para_hash = include.hash | default: "sha384" %}
|
4
|
+
|
5
|
+
{% assign filename_no_path = para_file | split: "/" | last %}
|
6
|
+
{% assign source_file = "/" | append: para_path | append: para_file %}
|
7
|
+
{% assign source_file_ex = para_file | split: "." | last %}
|
8
|
+
{% assign path_no_filename = para_file | remove: filename_no_path %}
|
9
|
+
{% assign target_file_ex = para_file | replace: ".scss", ".css" %}
|
10
|
+
{% assign target_file = para_path | append: target_file_ex %}
|
11
|
+
{% assign integrity_file = "/integrity/" | append: para_file | append: "." | append: para_hash %}
|
12
|
+
|
13
|
+
{% comment %}{% raw %}
|
14
|
+
<!-- DEBUG BEGINN
|
15
|
+
{{ para_file }}
|
16
|
+
{{ para_path }}
|
17
|
+
{{ para_hash }}
|
18
|
+
{{ filename_no_path }}
|
19
|
+
{{ source_file }}
|
20
|
+
{{ source_file_ex }}
|
21
|
+
{{ path_no_filename }}
|
22
|
+
{{ target_file }}
|
23
|
+
{{ integrity_file }}
|
24
|
+
DEBUG END -->
|
25
|
+
{% endraw %}{% endcomment %}
|
26
|
+
|
27
|
+
{% case source_file_ex %}
|
28
|
+
{% when "css" %}
|
29
|
+
<link rel="stylesheet" href="{{ target_file }}" integrity="{{ para_hash }}-{% include {{ integrity_file }} %}" crossorigin="anonymous">
|
30
|
+
{% when "scss" %}
|
31
|
+
<link rel="stylesheet" href="{{ target_file }}" integrity="{% sri_scss_hash {{ source_file }} %}" crossorigin="anonymous">
|
32
|
+
{% else %}
|
33
|
+
<link rel="stylesheet" href="{{ target_file }}">
|
34
|
+
{% endcase %}
|
35
|
+
|
36
|
+
{% comment %}{% raw %}
|
37
|
+
|
38
|
+
<!-- Trailing Slash Handling ? -->
|
39
|
+
{% assign trainling_slash = para_path | slice: -1, 1 %}
|
40
|
+
{% if trainling_slash = "/" %}
|
41
|
+
|
42
|
+
{% endraw %}{% endcomment %}
|
@@ -0,0 +1 @@
|
|
1
|
+
<script src="/assets/js/{{ include.file }}" integrity="sha384-{% include /integrity/{{ include.file }}.sha384 %}" crossorigin="anonymous"></script>
|
data/lib/jekyll-kw-sri.rb
CHANGED
@@ -9,25 +9,14 @@ module Jekyll
|
|
9
9
|
module KargWare
|
10
10
|
# jekyll-kw-sri custom tag
|
11
11
|
class SriScssHashTag < Jekyll::Tags::IncludeRelativeTag
|
12
|
-
# class SriScssHashTag < Liquid::Tag
|
13
12
|
def initialize(tag_name, input, tokens)
|
14
13
|
super
|
15
14
|
|
16
15
|
raise 'Please enter a file path' if input.length <= 0
|
17
|
-
|
18
|
-
@scss_file = strip_or_self(input)
|
19
16
|
# File.exists? is file?
|
20
|
-
|
21
|
-
@tag_name = tag_name
|
22
17
|
end
|
23
18
|
|
24
|
-
# def syntax_example
|
25
|
-
# "{% #{@tag_name} css/main.scss %}"
|
26
|
-
# end
|
27
|
-
|
28
19
|
def render(context)
|
29
|
-
# return '' unless context.registers[:page]['sri']
|
30
|
-
|
31
20
|
cache_compiled_scss(@file, context, lambda {
|
32
21
|
if context.nil? || context.registers[:site].nil?
|
33
22
|
puts 'WARNING: There was no context, generate default site and context'
|
@@ -39,24 +28,25 @@ module Jekyll
|
|
39
28
|
@sri_config = context.registers[:site].config['kw-sri'] || {}
|
40
29
|
end
|
41
30
|
|
31
|
+
# Render the context with the base-class
|
42
32
|
converter = site.find_converter_instance(Jekyll::Converters::Scss)
|
43
|
-
|
44
|
-
result = super(context)
|
33
|
+
result = super(context) # super_render(context)
|
45
34
|
scss = result.gsub(/^---.*---/m, '')
|
46
35
|
data = converter.convert(scss)
|
47
36
|
|
48
|
-
|
37
|
+
# Get path out of the file object
|
38
|
+
file = render_variable(context) || @file
|
39
|
+
validate_file_name(file)
|
40
|
+
path = locate_include_file(context, file, site.safe)
|
41
|
+
|
42
|
+
# Use default config for kw-sri if it is nil
|
43
|
+
@sri_config ||= Jekyll::KargWare::Integrity::Configuration::DEFAULT_CONFIG
|
44
|
+
|
45
|
+
Integrity::Parser.new(@sri_config).calc_integrity(path, data)
|
49
46
|
})
|
50
47
|
end
|
51
48
|
|
52
49
|
def cache_compiled_scss(path, _context, compute)
|
53
|
-
# @@cached_scss ||= {}
|
54
|
-
# if @@cached_scss.key?(path)
|
55
|
-
# @@cached_scss[path]
|
56
|
-
# else
|
57
|
-
# @@cached_scss[path] = compute.call
|
58
|
-
# end
|
59
|
-
|
60
50
|
@cached_scss ||= {}
|
61
51
|
if @cached_scss.key?(path)
|
62
52
|
@cached_scss[path]
|
@@ -65,11 +55,7 @@ module Jekyll
|
|
65
55
|
end
|
66
56
|
end
|
67
57
|
|
68
|
-
#
|
69
|
-
def strip_or_self(str)
|
70
|
-
str.strip! || str
|
71
|
-
end
|
72
|
-
|
58
|
+
# Register the sccs file as include folder
|
73
59
|
def tag_includes_dirs(context)
|
74
60
|
[context.registers[:site].source].freeze
|
75
61
|
end
|
data/lib/jekyll-kw-sri/parser.rb
CHANGED
@@ -19,7 +19,7 @@ module Jekyll
|
|
19
19
|
data_modified = add_source_mapping_url(filename, data)
|
20
20
|
|
21
21
|
# Debuging, save rendered css file as tmp file
|
22
|
-
File.open("
|
22
|
+
File.open("#{filename}.tmp", 'w') { |file| file.write(data_modified) } if @configuration.create_tmpfile
|
23
23
|
|
24
24
|
case hash_type
|
25
25
|
when 'sha256'
|
data/lib/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: jekyll-kw-sri
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0
|
4
|
+
version: 0.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nicolas Karg
|
@@ -32,7 +32,10 @@ executables: []
|
|
32
32
|
extensions: []
|
33
33
|
extra_rdoc_files: []
|
34
34
|
files:
|
35
|
+
- LICENSE
|
35
36
|
- README.md
|
37
|
+
- _includes/kw-integrity-css.html
|
38
|
+
- _includes/kw-integrity-js.html
|
36
39
|
- lib/jekyll-kw-sri.rb
|
37
40
|
- lib/jekyll-kw-sri/configuration.rb
|
38
41
|
- lib/jekyll-kw-sri/parser.rb
|