1
0
mirror of https://github.com/twitter/twemoji.git synced 2024-12-24 21:15:13 +00:00

Reintroduce Subresource Integrity hashes in the previews and as a separate option in the README

This commit is contained in:
Nathan Downs 2019-09-25 14:50:07 -07:00
parent 2538ae039c
commit 4c21f09d6b
5 changed files with 31 additions and 2 deletions

View File

@ -20,6 +20,11 @@ Use the following in the `<head>` tag of your HTML document(s):
This guarantees that you will always use the latest version of the library.
If, instead, you'd like to include the latest version explicitly, you can add the following tag:
```html
<script src="https://twemoji.maxcdn.com/v/12.1.3/twemoji.min.js" integrity="sha384-PEQg4NJbyXT+TJJVKYN9zmD5ehVaV3TiBdzovT7WkshNClGNg8+bk4hKQ+lGrgaw" crossorigin="anonymous"></script>
```
### Download
If instead you want to download a specific version, please look at the `gh-pages` branch, where you will find the built assets for both our latest and older versions.

View File

@ -7,6 +7,7 @@
const fs = require('fs-extra');
const path = require('path');
const { spawnSync } = require('child_process');
const { getIntegrityHash } = require('./utils');
function file(...which) {
return path.join(__dirname, '..', ...which);
@ -55,6 +56,16 @@ fs.unlinkSync(distFile('twemoji.tmp.js'));
fs.writeFileSync(distFile('twemoji.min.js'), `${copyright}\n${minifiedContents}`);
fs.writeFileSync(distFile('twemoji.esm.js'), `${copyright}\n${minifiedContents}\nexport default twemoji;`);
const integrityHash = getIntegrityHash(distFile('twemoji.min.js'));
const { version } = require('../package.json');
function updateSriScriptReference(filename) {
const newScript = `<script src="https://twemoji.maxcdn.com/v/${version}/twemoji.min.js" integrity="${integrityHash}"`;
fs.writeFileSync(filename, fs.readFileSync(filename).toString('utf8').replace(/<script src="[^ ]*" integrity="[^ ]*"/, newScript));
}
updateSriScriptReference(file('README.md'));
// Copy the png assets and svgs to the dist folder
fs.copySync(file('assets/svg'), distFile('svg'));
fs.copySync(file('assets/72x72'), distFile('72x72'));

View File

@ -37,7 +37,8 @@ fs.readdir(file('assets/ai'), function (err, files) {
}).join('');
}).join('</li>\n <li>')+ '</li>'
)
.replace('{{version}}', version);
.replace('{{version}}', version)
.replace('{{integrityHash}}', Utils.getIntegrityHash(distFile('twemoji.min.js')));
fs.writeFileSync(
distFile('preview.html'),
page.replace(

View File

@ -1,3 +1,5 @@
const { spawnSync } = require('child_process');
function fromCodePoint(codepoint) {
var code = typeof codepoint === 'string' ?
parseInt(codepoint, 16) : codepoint;
@ -26,3 +28,13 @@ function UTF162JSON(text) {
return r.join('');
}
module.exports.UTF162JSON = UTF162JSON;
function getIntegrityHash(filename) {
const algorithm = 'sha384';
const digest = spawnSync('openssl', ['dgst', `-${algorithm}`, '-binary', filename]);
if (digest.status || digest.signal){
throw new Error(digest.stderr.toString('utf8'));
}
return `${algorithm}-${digest.stdout.toString('base64')}`;
}
module.exports.getIntegrityHash = getIntegrityHash;

View File

@ -25,7 +25,7 @@
vertical-align: -0.1em;
}
</style>
<script src="https://twemoji.maxcdn.com/v/{{version}}/twemoji.min.js" crossorigin="anonymous"></script>
<script src="https://twemoji.maxcdn.com/v/{{version}}/twemoji.min.js" integrity="{{integrityHash}}"crossorigin="anonymous"></script>
</head>
<body>
<ul class="emoji-list">