定制 mattmontgomery/sri-integrity-hashes 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

mattmontgomery/sri-integrity-hashes

Composer 安装命令:

composer require mattmontgomery/sri-integrity-hashes

包简介

A tool for generating subresource integrity hashes

README 文档

README

codecov

SRI Integrity Hash helper

Loader/Loaders

This is a small class to make interacting with SRI hashes a bit simpler and easier.

Most use cases will want to use the Loaders class (see example below).

Standard Format

Out of the box, assets can be loaded, provided they are in the following format:

{
    "scriptName": {
        "src": "script-src.js",
        "integrity": "sha512-test"
    },
    "anotherScriptName": {
        "src": "another-script-src.js",
        "integrity": "sha512-test"
    }
}

This can be easily generated from Webpack using the library webpack-assets-manifest.

Other formats

In the case that other formats are provided or desired, a new Loader implementing LoaderInterface may be passed to the Loaders class.

Example

use DDM\SRIIntegrityHash\Loaders;

$loaders = new Loaders();

$file = $loaders->getFile('example/assets.json', 'common.js');

echo sprintf("Loaded %s from %s\n", $file->filename, $file->namespace);
echo sprintf("Script tag: %s\n", $file->toScript());

Using other loaders

By default, the file loader (DDM\SRIIntegrityHash\FileLoader) will be used. You can register other autoloaders if you are loading via another source.

Generator

A script and set of classes exists for generating new asset maps. A command is present in bin/console.php which can be used to output JSON, usually to put into its own file. It takes any number of arguments and generates hashes for those files. See below for script usage.

Script usage

If running from this repository:

php bin/sri-assets-generator generate --file=https://apis.google.com/js/api.js --file=https://apis.google.com/js/api-mock.js

If running from a composer installation:

./vendor/bin/sri-assets-generator ...

Arguments

  • --file — Pass any number of files with --file arguments.
  • --ignore-ssl — Ignore SSL verification in FileReader

Defining a script in composer.json

If you want a quick and easy way to do the above, you might want to define a scripts entry in your composer.json.

{
  ...
  "scripts": {
    "generate-assets-map": "sri-assets-generator generate --file=https://apis.google.com/js/api.js"
  }
}

Reading from other sources

If you'd like to read from other sources — say, a JSON file with a list of hashes, or an API result, or the database, or something other than just using file_get_contents, you can create a new Reader implementing ReaderInterface. It can be passed in with as Generator::read(ReaderInterface, resource).

统计信息

  • 总下载量: 1.32k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 0
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 0
  • Forks: 1
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2019-09-24

承接程序开发

PHP开发

VUE

Vue开发

前端开发

小程序开发

公众号开发

系统定制

数据库设计

云部署

网站建设

安全加固