Sugoimusic
/
Frontend
2
0
Fork 1
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Add sub-resource integrity to scripts 

This is not particularly useful but it was fun
undefined
spaghetti 8 years ago
committed by Tomochin
parent
12e13e1cb0
commit
b1bbf4055d
2 changed files with 34 additions and 33 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +20
    -26
      design/privateheader.php
  2. +14
    -7
      design/publicheader.php

+ 20
- 26
design/privateheader.php View File

@@ -60,30 +60,24 @@ if ($UseTooltipster) { ?>
<link rel="stylesheet" href="<?=STATIC_SERVER?>styles/tooltipster/style.css?v=<?=filemtime(SERVER_ROOT.'/static/styles/tooltipster/style.css')?>" type="text/css" media="screen" />
<?
}
if ($Mobile) { ?>
<meta name="viewport" content="width=device-width; initial-scale=1.0; maximum-scale=1.0, user-scalable=no;" />
<link rel="stylesheet" type="text/css" href="<?=STATIC_SERVER ?>styles/mobile/style.css" />
<?
} else {
if (empty(G::$LoggedUser['StyleURL'])) {
if (empty(G::$LoggedUser['StyleURL'])) {
?>
<link rel="stylesheet" type="text/css" title="<?=G::$LoggedUser['StyleName']?>" media="screen"
href="<?=STATIC_SERVER?>styles/<?=G::$LoggedUser['StyleName']?>/style.css?v=<?=filemtime(SERVER_ROOT.'/static/styles/'.G::$LoggedUser['StyleName'].'/style.css')?>" />
<link rel="stylesheet" type="text/css" title="<?=G::$LoggedUser['StyleName']?>" media="screen"
href="<?=STATIC_SERVER?>styles/<?=G::$LoggedUser['StyleName']?>/style.css?v=<?=filemtime(SERVER_ROOT.'/static/styles/'.G::$LoggedUser['StyleName'].'/style.css')?>" />
<?
} else {
$StyleURLInfo = parse_url(G::$LoggedUser['StyleURL']);
if (substr(G::$LoggedUser['StyleURL'], -4) == '.css'
&& empty($StyleURLInfo['query']) && empty($StyleURLInfo['fragment'])
&& ($StyleURLInfo['host'] == SITE_DOMAIN)
&& file_exists(SERVER_ROOT.$StyleURLInfo['path'])) {
$StyleURL = G::$LoggedUser['StyleURL'].'?v='.filemtime(SERVER_ROOT.$StyleURLInfo['path']);
} else {
$StyleURLInfo = parse_url(G::$LoggedUser['StyleURL']);
if (substr(G::$LoggedUser['StyleURL'], -4) == '.css'
&& empty($StyleURLInfo['query']) && empty($StyleURLInfo['fragment'])
&& ($StyleURLInfo['host'] == SITE_DOMAIN)
&& file_exists(SERVER_ROOT.$StyleURLInfo['path'])) {
$StyleURL = G::$LoggedUser['StyleURL'].'?v='.filemtime(SERVER_ROOT.$StyleURLInfo['path']);
} else {
$StyleURL = G::$LoggedUser['StyleURL'];
}
$StyleURL = G::$LoggedUser['StyleURL'];
}
?>
<link rel="stylesheet" type="text/css" media="screen" href="<?=$StyleURL?>" title="External CSS" />
<link rel="stylesheet" type="text/css" media="screen" href="<?=$StyleURL?>" title="External CSS" />
<?
}
}
$ExtraCSS = explode(',', $CSSIncludes);
foreach ($ExtraCSS as $CSS) {
@@ -110,14 +104,14 @@ foreach ($Scripts as $Script) {
if (trim($Script) == '') {
continue;
}
if (($ScriptStats = G::$Cache->get_value("script_stats_$Script")) === false || $ScriptStats['mtime'] != filemtime(STATIC_SERVER."functions/$Script.js")) {
$ScriptStats['mtime'] = filemtime(STATIC_SERVER."functions/$Script.js");
$ScriptStats['hash'] = base64_encode(hash_file(INTEGRITY_ALGO, STATIC_SERVER."functions/$Script.js", true));
$ScriptStats['algo'] = INTEGRITY_ALGO;
G::$Cache->cache_value("script_stats_$Script", $ScriptStats);
}
?>
<script
src="<?=STATIC_SERVER?>functions/<?=$Script?>.js?v=<?=filemtime(SERVER_ROOT.'/static/functions/'.$Script.'.js')?>"
type="text/javascript"></script>
<?
}
if ($Mobile) { ?>
<script src="<?=STATIC_SERVER?>styles/mobile/style.js" type="text/javascript"></script>
<script src="<?=STATIC_SERVER."functions/$Script.js?v=$ScriptStats[mtime]"?>" type="text/javascript" integrity="<?="$ScriptStats[algo]-$ScriptStats[hash]"?>"></script>
<?
}



+ 14
- 7
design/publicheader.php View File

@@ -9,13 +9,20 @@ define('FOOTER_FILE',SERVER_ROOT.'/design/publicfooter.php');
<meta http-equiv="X-UA-Compatible" content="chrome=1; IE=edge" />
<link rel="shortcut icon" href="favicon.ico?v=<?=md5_file('favicon.ico');?>" />
<link href="<?=STATIC_SERVER ?>styles/public/style.css?v=<?=filemtime(SERVER_ROOT.'/static/styles/public/style.css')?>" rel="stylesheet" type="text/css" />
<script src="<?=STATIC_SERVER?>functions/jquery.js" type="text/javascript"></script>
<script src="<?=STATIC_SERVER?>functions/script_start.js?v=<?=filemtime(SERVER_ROOT.'/static/functions/script_start.js')?>" type="text/javascript"></script>
<script src="<?=STATIC_SERVER?>functions/ajax.class.js?v=<?=filemtime(SERVER_ROOT.'/static/functions/ajax.class.js')?>" type="text/javascript"></script>
<script src="<?=STATIC_SERVER?>functions/cookie.class.js?v=<?=filemtime(SERVER_ROOT.'/static/functions/cookie.class.js')?>" type="text/javascript"></script>
<script src="<?=STATIC_SERVER?>functions/storage.class.js?v=<?=filemtime(SERVER_ROOT.'/static/functions/storage.class.js')?>" type="text/javascript"></script>
<script src="<?=STATIC_SERVER?>functions/global.js?v=<?=filemtime(SERVER_ROOT.'/static/functions/global.js')?>" type="text/javascript"></script>
<? $img = array_diff(scandir(SERVER_ROOT.'/misc/bg', 1), array('.', '..')); ?>
<?
$Scripts = ['jquery', 'script_start', 'ajax.class', 'cookie.class', 'storage.class', 'global'];
foreach($Scripts as $Script) {
if (($ScriptStats = G::$Cache->get_value("script_stats_$Script")) === false || $ScriptStats['mtime'] != filemtime(STATIC_SERVER."functions/$Script.js")) {
$ScriptStats['mtime'] = filemtime(STATIC_SERVER."functions/$Script.js");
$ScriptStats['hash'] = base64_encode(hash_file(INTEGRITY_ALGO, STATIC_SERVER."functions/$Script.js", true));
$ScriptStats['algo'] = INTEGRITY_ALGO;
G::$Cache->cache_value("script_stats_$Script", $ScriptStats);
}
?>
<script src="<?=STATIC_SERVER."functions/$Script.js?v=$ScriptStats[mtime]"?>" type="text/javascript" integrity="<?="$ScriptStats[algo]-$ScriptStats[hash]"?>"></script>
<?
}
$img = array_diff(scandir(SERVER_ROOT.'/misc/bg', 1), array('.', '..')); ?>
<style> #content { background-image: url(<? echo("'/misc/bg/" . $img[rand(0,count($img)-1)] . "'"); ?>); }</style>
</head>
<body>


Write Preview
Loading…
Cancel
Save