-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add integrity hashes #50
Comments
hi @Samy-Belarbi, I was thinking of looking into this feature this week but I see that you forked the repo maybe you wanted to take care of it ? |
Hey @lhapaipai, i will give it a try at the end of the week but i'm not sure to manage to achieve this with my current skills. So please do not change your plan of looking into it. |
hi @Samy-Belarbi, I've implemented the feature in both branches feature/sri. |
Hey ! You are right, it's mostly used when you get your assets from a CDN, the browser doesn't load files if they are not matching their integrity hashes, so you are sure you are loading the correct files. As far as i know, i don't think that's pretty useful if your files come from your own production website because if someone malicious can manipulate your files from it, it would be too late i guess ? Anyway, that can be one more security, but an overkill one. Amazing work, i can't wait to try it. Merci ! |
Thanks @Samy-Belarbi, |
fixed with #52 |
Hi, thanks for you work !
I am wondering if there is any plan (or way) to implement integrity hashes into script / links ?
Could make it work with this repo maybe : https://github.com/ElMassimo/vite-plugin-manifest-sri
Thanks.
The text was updated successfully, but these errors were encountered: