Skip to content

Commit

Permalink
Adding sri integrity to all fields.
Browse files Browse the repository at this point in the history 
Conflicts:
	config/_config.yml
	views/_partials/csscode.jade
	views/_partials/jscode.jade
  • Loading branch information
@jmervine
jmervine committed Aug 15, 2015
1 parent d08606c commit c6e4f6d
Show file tree
Hide file tree
Showing 15 changed files with 611 additions and 303 deletions.
1 change: 1 addition & 0 deletions .gitignore
View file
Expand Up @@ -12,3 +12,4 @@ lint.html
config/_maxcdn.yml
shelljs_*
*.log
Dockme.yml
464 changes: 231 additions & 233 deletions config/_config.yml
View file

Large diffs are not rendered by default.

244 changes: 244 additions & 0 deletions config/_config.yml.bak
View file

Large diffs are not rendered by default.

30 changes: 20 additions & 10 deletions lib/helpers.js
View file
Expand Up @@ -3,24 +3,34 @@

'use strict';

function themeSelected(config, selected) {
function selectedTheme(config, selected) {
if (typeof selected === 'undefined' || selected === 'undefined') {
return config.theme;
}

return parseInt(selected, 10) === 0 || parseInt(selected, 10) ?
parseInt(selected, 10) : config.theme;
parseInt(selected, 10) : config.theme;
}

function getTheme(config, selected) {
selected = selectedTheme(config, selected);
var themes = config.bootswatch.themes.map(function(t) {
return t.name;
});

return config.bootswatch.bootstrap
.replace('SWATCH_VERSION', config.bootswatch.version)
.replace('SWATCH_NAME', themes[selected]);
}

function themeCSS(config, selected) {
var file = getTheme(config, selected);

if (process.env.NODE_ENV === 'development') {
return '/bootswatch/SWATCH_VERSION/SWATCH_NAME/bootstrap.min.css'
.replace('SWATCH_VERSION', config.bootswatch.version)
.replace('SWATCH_NAME', config.bootswatch.themes[themeSelected(config, selected)]);
return file.replace('https://maxcdn.bootstrapcdn.com', '');
}

return config.bootswatch.bootstrap
.replace('SWATCH_VERSION', config.bootswatch.version)
.replace('SWATCH_NAME', config.bootswatch.themes[themeSelected(config, selected)]);
return file;
}

function randomTweets(tweets, limit) {
Expand All @@ -37,8 +47,8 @@ function randomTweets(tweets, limit) {

module.exports = {
theme: {
selected: themeSelected,
css: themeCSS
selected: selectedTheme,
stylesheet: themeCSS
},
randomTweets: randomTweets
};
Expand Down
3 changes: 2 additions & 1 deletion package.json
View file
Expand Up @@ -24,8 +24,9 @@
"morgan": "^1.5.3",
"request": "^2.55.0",
"serve-favicon": "^2.2.1",
"serve-static": "^1.9.3",
"shelljs": "^0.5.0",
"serve-static": "^1.9.3"
"sri-toolbox": "^0.2.0"
},
"devDependencies": {
"bootlint": "^0.12.0",
Expand Down
74 changes: 74 additions & 0 deletions scripts/integrity.js
View file
@@ -0,0 +1,74 @@
#!/usr/bin/env node
var path = require('path');
var yaml = require('js-yaml');
var exec = require('child_process').execSync;
var fs = require('fs');
var sri = require('sri-toolbox');

var basedir = path.join(__dirname, '..');
var configFile = path.join(basedir, 'config', '_config.yml');
var config = yaml.safeLoad(fs.readFileSync(configFile));

// create backup file
fs.createReadStream(configFile)
.pipe(fs.createWriteStream(configFile + '.bak'));

function buildPath(d) {
return path.join(basedir, 'public',
d.replace('https://maxcdn.bootstrapcdn.com/',''));
}

function digest(file) {
return 'sha256-' +
exec('cat ' + file + ' | openssl dgst -sha256 -binary | openssl enc -base64 -A').toString() +
' sha512-' +
exec('cat ' + file + ' | openssl dgst -sha512 -binary | openssl enc -base64 -A').toString();
}

// bootswatch
var bootswatch = buildPath(config.bootswatch.bootstrap);
for (var i = 0; i < config.bootswatch.themes.length; i++) {
var theme = config.bootswatch.themes[i];
var file = bootswatch.replace('SWATCH_VERSION', config.bootswatch.version)
.replace('SWATCH_NAME', theme.name);

if (config.bootswatch.themes[i].sri === undefined) {
config.bootswatch.themes[i].sri = digest(file);
}
}

// bootlint
for (var i = 0; i < config.bootlint.length; i++) {
var bootlint = config.bootlint[i];
var file = buildPath(bootlint.javascript);

if (config.bootlint[i].javascript_sri === undefined) {
config.bootlint[i].javascript_sri = digest(file);
}
}

// bootstrap
for (var i = 0; i < config.bootstrap.length; i++) {
var bootstrap = config.bootstrap[i];

var javascript = buildPath(bootstrap.javascript);
if (config.bootstrap[i].javascript_sri === undefined) {
config.bootstrap[i].javascript_sri = digest(javascript);
}

var stylesheet = buildPath(bootstrap.stylesheet);
if (config.bootstrap[i].stylesheet_sri === undefined) {
config.bootstrap[i].stylesheet_sri = digest(stylesheet);
}
}

// fontawesome
for (var i = 0; i < config.fontawesome.length; i++) {
var stylesheet = buildPath(config.fontawesome[i].stylesheet);

if (config.fontawesome[i].stylesheet_sri === undefined) {
config.fontawesome[i].stylesheet_sri = digest(stylesheet);
}
}

fs.writeFileSync(configFile, yaml.dump(config));
10 changes: 3 additions & 7 deletions views/_partials/csscode.jade
View file
@@ -1,18 +1,14 @@
.well.hidden(id=name)
.form-group
label(for='html_' + name) HTML
input.form-control(type='text', id='html_' + name, value='<link href="' + cssPath + '" rel="stylesheet">')
- if (integrity)
.form-group
label(for='html_sri_' + name) HTML with SRI
input.form-control(type='text', id='html_sri_' + name, value='<link href="' + cssPath + '" rel="stylesheet" integrity="' + integrity + '" crossorigin="anonymous">')
input.form-control(type='text', id='html_' + name, value='<link href="' + file + '" rel="stylesheet" integrity="' + sri + '" crossorigin="anonymous">')
.form-group
label(for='jade_' + name)
a(href="http://jade-lang.com/", target="_blank") Jade
input.form-control(type='text', id='jade_' + name, value='link(href="' + cssPath + '", rel="stylesheet")')
input.form-control(type='text', id='jade_' + name, value='link(href="' + file + '", rel="stylesheet" integrity="' + sri + '" crossorigin="anonymous")')
.form-group
label(for='haml_' + name)
a(href="http://haml.info/", target="_blank") Haml
input.form-control(type='text', id='haml_' + name, value='%link{:href=>"' + cssPath + '", :rel=>"stylesheet"}')
input.form-control(type='text', id='haml_' + name, value='%link{href: "' + file + '", rel: "stylesheet", integrity: "' + sri + '" crossorigin: "anonymous"}')

//- vim: ft=jade sw=4 sts=4 et:
3 changes: 1 addition & 2 deletions views/_partials/javascripts/after.jade
View file
Expand Up @@ -8,7 +8,7 @@ script
});

function tryIt(n) {
window.location.href = '/?theme=' + n;
window.location.href = '/bootswatch/?theme=' + n;
}

function toggleCode(el, name) {
Expand Down Expand Up @@ -53,5 +53,4 @@ script(async src="https://platform.twitter.com/widgets.js")
- if (bootlint)
script(src=bootlint)


//- vim: ft=jade sw=4 sts=4 et:
14 changes: 5 additions & 9 deletions views/_partials/jscode.jade
View file
@@ -1,18 +1,14 @@
.well.hidden(id=name)
.form-group
label(for='haml_' + name) HTML
input.form-control(type='text', id='html_' + name, value='<script src="' + jsPath + '"></script>')
- if (integrity)
.form-group
label(for='html_sri_' + name) HTML with SRI
input.form-control(type='text', id='html_sri_' + name, value='<script src="' + jsPath + '" integrity="' + integrity + '" crossorigin="anonymous"></script>')
label(for='html_' + name) HTML
input.form-control(type='text', id='html_sri_' + name, value='<script src="' + file + '" integrity="' + sri + '" crossorigin="anonymous"></script>')
.form-group
label(for='haml_' + name)
label(for='jade_' + name)
a(href="http://jade-lang.com/", target="_blank") Jade
input.form-control(type='text', id='jade_' + name, value='script(src="' + jsPath + '")')
input.form-control(type='text', id='jade_' + name, value='script(src="' + file + '" integrity="' + sri + '" crossorigin="anonymous")')
.form-group
label(for='haml_' + name)
a(href="http://haml.info/", target="_blank") Haml
input.form-control(type='text', id='haml_' + name, value='%script{:src=>"' + jsPath + '"}')
input.form-control(type='text', id='haml_' + name, value='%script{src: "' + file + '" integrity: "' + sri + '" crossorigin: "anonymous"}')

//- vim: ft=jade sw=4 sts=4 et:
7 changes: 4 additions & 3 deletions views/bootlint.jade
View file
Expand Up @@ -4,13 +4,14 @@ block content
h2 Bootlint
div.well.text-center
- var name = 'bootlintJS'.toLowerCase()
- var jsPath = config.bootlint[0].javascript
- var id = name + '_form'
- var file = config.bootlint[0].javascript
- var sri = config.bootlint[0].javascript_sri
- var id = name + '_form'

.form-group
label(for=id) Complete JavaScript
.input-group.input-group-lg
input.form-control(type="text", id=id, value=jsPath)
input.form-control(type="text", id=id, value=file)
.input-group-btn
button.btn.btn-default.btn-lg(type="button", onclick="toggleCode(this,'" + name + "')")
i.fa.fa-caret-down
Expand Down
7 changes: 4 additions & 3 deletions views/bootswatch.jade
View file
Expand Up @@ -4,8 +4,9 @@ block content
h2 Bootswatch
div.well.text-center
- for (var i = 0; i < config.bootswatch.themes.length; i++) {
- var name = config.bootswatch.themes[i].toLowerCase()
- var cssPath=config.bootswatch.bootstrap.replace('SWATCH_NAME', name).replace('SWATCH_VERSION', config.bootswatch.version)
- var name = config.bootswatch.themes[i].name.toLowerCase()
- var sri = config.bootswatch.themes[i].sri
- var file = config.bootswatch.bootstrap.replace('SWATCH_NAME', name).replace('SWATCH_VERSION', config.bootswatch.version)
.row
.col-md-2
.tryit
Expand All @@ -18,7 +19,7 @@ block content
a(href=config.bootswatch.link.replace('SWATCH_NAME', name))
img.bootswatch.img-responsive(src=config.bootswatch.image.replace('SWATCH_NAME', name), alt=name + " thumbnail")
.input-group
input.form-control(type="text", value=cssPath)
input.form-control(type="text", value=file)
.input-group-btn
button.btn.btn-default(type="button", onclick="toggleCode(this,'" + name + "')")
i.fa.fa-caret-down
Expand Down
7 changes: 4 additions & 3 deletions views/fontawesome.jade
View file
Expand Up @@ -4,13 +4,14 @@ block content
h2 Font Awesome
div.well.text-center
- var name = 'fontawesomeCSS1'.toLowerCase()
- var cssPath = config.fontawesome[0].css_complete
- var id = name + '_form'
- var file = config.fontawesome[0].stylesheet
- var sri = config.fontawesome[0].stylesheet_sri
- var id = name + '_form'

.form-group
label(for=id) Font Awesome CSS
.input-group.input-group-lg
input.form-control(type="text", id=id, value=cssPath)
input.form-control(type="text", id=id, value=file)
.input-group-btn
button.btn.btn-default.btn-lg(type="button", onclick="toggleCode(this,'" + name + "')")
i.fa.fa-caret-down
Expand Down
16 changes: 8 additions & 8 deletions views/index.jade
View file
Expand Up @@ -4,29 +4,29 @@ block content
h2 Quick Start
div.well.text-center
- var name = 'quickstartCSS'.toLowerCase()
- var cssPath = config.bootstrap[0].css_complete
- var integrity = config.bootstrap[0].css_integrity
- var id = name + '_form'
- var file = config.bootstrap[0].stylesheet
- var sri = config.bootstrap[0].stylesheet_sri
- var id = name + '_form'

.form-group
label(for=id) Complete CSS
.input-group.input-group-lg
input.form-control(type="text", id=id, value=cssPath)
input.form-control(type="text", id=id, value=file)
.input-group-btn
button.btn.btn-default.btn-lg(type="button", onclick="toggleCode(this,'" + name + "')")
i.fa.fa-caret-down

include _partials/csscode

- var name = 'quickstartJS'.toLowerCase()
- var jsPath = config.bootstrap[0].javascript
- var integrity = config.bootstrap[0].javascript_integrity
- var id = name + '_form'
- var file = config.bootstrap[0].javascript
- var sri = config.bootstrap[0].javascript_sri
- var id = name + '_form'

.form-group
label(for=id) Complete JavaScript
.input-group.input-group-lg
input.form-control(type="text", id=id, value=jsPath)
input.form-control(type="text", id=id, value=file)
.input-group-btn
button.btn.btn-default.btn-lg(type="button", onclick="toggleCode(this,'" + name + "')")
i.fa.fa-caret-down
Expand Down
3 changes: 1 addition & 2 deletions views/layout.jade
View file
Expand Up @@ -9,8 +9,7 @@ html(lang="en")
meta(name='description', content=(description || config.description))

link(rel='shortcut icon', href=config.favicon)

link(rel='stylesheet', href=helpers.theme.css(config, theme))
link(rel='stylesheet', href=helpers.theme.stylesheet(config, theme))

- if (config.stylesheets)
- each css in config.stylesheets
Expand Down
31 changes: 9 additions & 22 deletions views/legacy.jade
View file
Expand Up @@ -6,45 +6,32 @@ block content
- if (!item.latest)
div.well.text-center
h2= item.version
- if (item.css_complete)
- if (item.stylesheet)
- var file = item.stylesheet
- var sri = item.stylesheet_sri
- var name = "css_complete_" + item.version.replace(/\./g, '_')
- var id = name + '_form'
- var cssPath = item.css_complete
- var integrity = item.css_integrity
- var id = name + '_form'
.form-group
label(for=id) Complete CSS
.input-group
input.form-control(type="text", id=id, value=cssPath)
input.form-control(type="text", id=id, value=file)
.input-group-btn
button.btn.btn-default(type="button", onclick="toggleCode(this,'" + name + "')")
i.fa.fa-caret-down
include _partials/csscode

- if (item.javascript)
- var file = item.javascript
- var sri = item.javascript_sri
- var name = "javascript_" + item.version.replace(/\./g, '_')
- var id = name + '_form'
- var jsPath = item.javascript
- var integrity = item.javascript_integrity
- var id = name + '_form'
.form-group
label(for=id) Complete JavaScript
.input-group
input.form-control(type="text", id=id, value=jsPath)
input.form-control(type="text", id=id, value=file)
.input-group-btn
button.btn.btn-default(type="button", onclick="toggleCode(this,'" + name + "')")
i.fa.fa-caret-down
include _partials/jscode

- if (item.css_no_icons)
- var name = "css_no_icons_" + item.version.replace(/\./g, '_')
- var id = name + '_form'
- var cssPath = item.css_no_icons
.form-group
label(for=id) Complete CSS (without Icons)
.input-group
input.form-control(type="text", id=id, value=cssPath)
.input-group-btn
button.btn.btn-default(type="button", onclick="toggleCode(this,'" + name + "')")
i.fa.fa-caret-down
include _partials/csscode

//- vim: ft=jade sw=4 sts=4 et:

0 comments on commit c6e4f6d

Please sign in to comment.