[lintian] 02/02: reporting: Add integrity fields to all <link>
This is an automated email from the git hooks/post-receive script.
nthykier pushed a commit to branch master
in repository lintian.
commit 27a367d7f3dde80af56467a9365224c45b6f757c
Author: Niels Thykier <niels@thykier.net>
Date: Thu Sep 1 18:06:29 2016 +0000
reporting: Add integrity fields to all <link>
... for maximum overkill. Possibly not the most sensible use for
subresource integrity...
Signed-off-by: Niels Thykier <niels@thykier.net>
---
commands/reporting-html-reports.pm | 3 +++
lib/Lintian/Reporting/ResourceManager.pm | 28 +++++++++++++++++++++++++---
reporting/templates/head.tmpl | 4 ++--
3 files changed, 30 insertions(+), 5 deletions(-)
diff --git a/commands/reporting-html-reports.pm b/commands/reporting-html-reports.pm
index b2f9901..8fca975 100644
--- a/commands/reporting-html-reports.pm
+++ b/commands/reporting-html-reports.pm
@@ -993,6 +993,9 @@ sub output_template {
$data->{resource_path} ||= sub {
return $path_prefix . $RESOURCE_MANAGER->resource_URL($_[0]);
};
+ $data->{resource_integrity} ||= sub {
+ return $RESOURCE_MANAGER->resource_integrity_value($_[0]);
+ };
$data->{head} ||= sub {
$templates{head}->fill_in(
HASH => {
diff --git a/lib/Lintian/Reporting/ResourceManager.pm b/lib/Lintian/Reporting/ResourceManager.pm
index 75b51e2..2cdad6d 100644
--- a/lib/Lintian/Reporting/ResourceManager.pm
+++ b/lib/Lintian/Reporting/ResourceManager.pm
@@ -27,7 +27,7 @@ use Carp qw(croak);
use File::Basename qw(basename);
use File::Copy qw(copy);
-use Lintian::Util qw(get_file_checksum);
+use Lintian::Util qw(get_file_digest);
=head1 NAME
@@ -73,6 +73,7 @@ sub new {
croak('Missing required parameter html_dir (or it is undef)')
if not defined $opts{'html_dir'};
$self->{'_resource_cache'} = {};
+ $self->{'_resource_integrity'} = {};
return bless($self, $class);
}
@@ -118,7 +119,7 @@ sub install_resource {
my ($self, $resource_name, $opt) = @_;
my $resource_root = $self->{'html_dir'} . '/resources';
my $method = 'move';
- my ($basename, $install_name, $resource);
+ my ($basename, $install_name, $resource, $digest, $b64digest);
$method = $opt->{'install_method'}
if $opt && exists($opt->{'install_method'});
if ($opt && exists($opt->{'source_file'})) {
@@ -134,7 +135,13 @@ sub install_resource {
$basename = basename($resource_name);
$resource = $resource_name;
}
- $install_name = get_file_checksum('sha1', $resource);
+ $digest = get_file_digest('sha256', $resource);
+ $install_name = $digest->clone->hexdigest;
+ $b64digest = $digest->b64digest;
+
+ while (length($b64digest) % 4) {
+ $b64digest .= '=';
+ }
croak("Resource name ${basename} already in use")
if defined($self->{'_resource_cache'}{$basename});
@@ -156,6 +163,7 @@ sub install_resource {
'- please use "move" or "copy"'));
}
$self->{'_resource_cache'}{$basename} = "resources/$install_name";
+ $self->{'_resource_integrity'}{$basename} = "sha256-${b64digest}";
return;
}
@@ -174,6 +182,20 @@ sub resource_URL {
return $self->{'_resource_cache'}{$resource_name};
}
+=item resource_integrity_value(RESOURCE_NAME)
+
+Return a string that is valid in the "integrity" field of a C<< <link>
+>> HTML tag. (See https://www.w3.org/TR/SRI/)
+
+=cut
+
+sub resource_integrity_value {
+ my ($self, $resource_name) = @_;
+ croak("Unknown resource $resource_name")
+ if not defined($self->{'_resource_integrity'}{$resource_name});
+ return $self->{'_resource_integrity'}{$resource_name};
+}
+
=back
=head1 AUTHOR
diff --git a/reporting/templates/head.tmpl b/reporting/templates/head.tmpl
index 29e0bd9..4001950 100644
--- a/reporting/templates/head.tmpl
+++ b/reporting/templates/head.tmpl
@@ -4,8 +4,8 @@
<title>{$page_title}</title>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
- <link rel="stylesheet" href="{resource_path('lintian.css')}" type="text/css" />
- <link rel="icon" href="{resource_path('ico.png')}" type="image/png" />
+ <link rel="stylesheet" href="{resource_path('lintian.css')}" type="text/css" integrity="{resource_integrity('lintian.css')}" crossorigin="anonymous" />
+ <link rel="icon" href="{resource_path('ico.png')}" type="image/png" integrity="{resource_integrity('ico.png')}" crossorigin="anonymous" />
</head>
<body>
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/lintian/lintian.git
Reply to: