Skip to content
Permalink
Browse files

Reintroduce Subresource Integrity hashes in the previews and as a sep…

…arate option in the README
  • Loading branch information
n8downs committed Sep 25, 2019
1 parent 2538ae0 commit 4c21f09d6b4f6f89787bd5426d8f3aae500a9613
Showing with 31 additions and 2 deletions.
  1. +5 −0 README.md
  2. +11 −0 scripts/create-dist
  3. +2 −1 scripts/preview
  4. +12 −0 scripts/utils.js
  5. +1 −1 src/templates/preview.html
@@ -20,6 +20,11 @@ Use the following in the `<head>` tag of your HTML document(s):

This guarantees that you will always use the latest version of the library.

If, instead, you'd like to include the latest version explicitly, you can add the following tag:
```html
<script src="https://twemoji.maxcdn.com/v/12.1.3/twemoji.min.js" integrity="sha384-PEQg4NJbyXT+TJJVKYN9zmD5ehVaV3TiBdzovT7WkshNClGNg8+bk4hKQ+lGrgaw" crossorigin="anonymous"></script>
```

### Download

If instead you want to download a specific version, please look at the `gh-pages` branch, where you will find the built assets for both our latest and older versions.
@@ -7,6 +7,7 @@
const fs = require('fs-extra');
const path = require('path');
const { spawnSync } = require('child_process');
const { getIntegrityHash } = require('./utils');

function file(...which) {
return path.join(__dirname, '..', ...which);
@@ -55,6 +56,16 @@ fs.unlinkSync(distFile('twemoji.tmp.js'));
fs.writeFileSync(distFile('twemoji.min.js'), `${copyright}\n${minifiedContents}`);
fs.writeFileSync(distFile('twemoji.esm.js'), `${copyright}\n${minifiedContents}\nexport default twemoji;`);

const integrityHash = getIntegrityHash(distFile('twemoji.min.js'));
const { version } = require('../package.json');

function updateSriScriptReference(filename) {
const newScript = `<script src="https://twemoji.maxcdn.com/v/${version}/twemoji.min.js" integrity="${integrityHash}"`;
fs.writeFileSync(filename, fs.readFileSync(filename).toString('utf8').replace(/<script src="[^ ]*" integrity="[^ ]*"/, newScript));
}

updateSriScriptReference(file('README.md'));

// Copy the png assets and svgs to the dist folder
fs.copySync(file('assets/svg'), distFile('svg'));
fs.copySync(file('assets/72x72'), distFile('72x72'));
@@ -37,7 +37,8 @@ fs.readdir(file('assets/ai'), function (err, files) {
}).join('');
}).join('</li>\n <li>')+ '</li>'
)
.replace('{{version}}', version);
.replace('{{version}}', version)
.replace('{{integrityHash}}', Utils.getIntegrityHash(distFile('twemoji.min.js')));
fs.writeFileSync(
distFile('preview.html'),
page.replace(
@@ -1,3 +1,5 @@
const { spawnSync } = require('child_process');

function fromCodePoint(codepoint) {
var code = typeof codepoint === 'string' ?
parseInt(codepoint, 16) : codepoint;
@@ -26,3 +28,13 @@ function UTF162JSON(text) {
return r.join('');
}
module.exports.UTF162JSON = UTF162JSON;

function getIntegrityHash(filename) {
const algorithm = 'sha384';
const digest = spawnSync('openssl', ['dgst', `-${algorithm}`, '-binary', filename]);
if (digest.status || digest.signal){
throw new Error(digest.stderr.toString('utf8'));
}
return `${algorithm}-${digest.stdout.toString('base64')}`;
}
module.exports.getIntegrityHash = getIntegrityHash;
@@ -25,7 +25,7 @@
vertical-align: -0.1em;
}
</style>
<script src="https://twemoji.maxcdn.com/v/{{version}}/twemoji.min.js" crossorigin="anonymous"></script>
<script src="https://twemoji.maxcdn.com/v/{{version}}/twemoji.min.js" integrity="{{integrityHash}}"crossorigin="anonymous"></script>
</head>
<body>
<ul class="emoji-list">

1 comment on commit 4c21f09

@n8downs

This comment has been minimized.

Copy link
Contributor Author

n8downs commented on 4c21f09 Sep 25, 2019

@noelleleigh They're back! Thanks for waiting.

Please sign in to comment.
You can’t perform that action at this time.