SRI provides a powerful defence against code injection, supply chain attacks, man in the middle and other security risks.
This is a simple tool to generate the SRI hashes of an HTML file and generates an update HTML. I.e., you don't need anymore to care and waste time to generate the hash of the resources during development. Unlike other tools, this one is framework-agnostic.
So far most tools just compute the hash, and you have to manually update the HTML.
There is a dependency with libcurl4 as the resource can be fetched on web
(a CDN or so).
The tool can be used locally or in your CI/CD pipeline.
It is ok so far not to appear smart-enough to read RFCs and be lazy reading a more convivial one like the one from MDN.
Dependencies with libcrypto++8, and libcurl4 only are required.
On Debian like distribution, you can install them with:
sudo apt-get install libcrypto++8 libcurl4Dependencies with cmake, libcrypto++-dev, libtclap-dev and libcurl-dev are required.
On Debian like distribution, you can install them with:
sudo apt-get install cmake libcrypto++-dev libtclap-dev libcurl-devPlus, of course, a C++ compiler.
ldd <path to executable>cmake CMakelists.txtA DockerFile ease the installation of the tool, it only builds the CLI, not the tests. You can build the docker image and use the tool with:
docker build .
docker run <Image ID> test-data/index2.html -a sha512WTFPL, "Choose freedom. Do What The Fuck You Want to" as they say...