mirror of
https://github.com/twitter/twemoji.git
synced 2024-06-15 03:35:16 +00:00
Reintroduce Subresource Integrity hashes in the previews and as a separate option in the README
This commit is contained in:
parent
2538ae039c
commit
4c21f09d6b
@ -20,6 +20,11 @@ Use the following in the `<head>` tag of your HTML document(s):
|
|||||||
|
|
||||||
This guarantees that you will always use the latest version of the library.
|
This guarantees that you will always use the latest version of the library.
|
||||||
|
|
||||||
|
If, instead, you'd like to include the latest version explicitly, you can add the following tag:
|
||||||
|
```html
|
||||||
|
<script src="https://twemoji.maxcdn.com/v/12.1.3/twemoji.min.js" integrity="sha384-PEQg4NJbyXT+TJJVKYN9zmD5ehVaV3TiBdzovT7WkshNClGNg8+bk4hKQ+lGrgaw" crossorigin="anonymous"></script>
|
||||||
|
```
|
||||||
|
|
||||||
### Download
|
### Download
|
||||||
|
|
||||||
If instead you want to download a specific version, please look at the `gh-pages` branch, where you will find the built assets for both our latest and older versions.
|
If instead you want to download a specific version, please look at the `gh-pages` branch, where you will find the built assets for both our latest and older versions.
|
||||||
|
@ -7,6 +7,7 @@
|
|||||||
const fs = require('fs-extra');
|
const fs = require('fs-extra');
|
||||||
const path = require('path');
|
const path = require('path');
|
||||||
const { spawnSync } = require('child_process');
|
const { spawnSync } = require('child_process');
|
||||||
|
const { getIntegrityHash } = require('./utils');
|
||||||
|
|
||||||
function file(...which) {
|
function file(...which) {
|
||||||
return path.join(__dirname, '..', ...which);
|
return path.join(__dirname, '..', ...which);
|
||||||
@ -55,6 +56,16 @@ fs.unlinkSync(distFile('twemoji.tmp.js'));
|
|||||||
fs.writeFileSync(distFile('twemoji.min.js'), `${copyright}\n${minifiedContents}`);
|
fs.writeFileSync(distFile('twemoji.min.js'), `${copyright}\n${minifiedContents}`);
|
||||||
fs.writeFileSync(distFile('twemoji.esm.js'), `${copyright}\n${minifiedContents}\nexport default twemoji;`);
|
fs.writeFileSync(distFile('twemoji.esm.js'), `${copyright}\n${minifiedContents}\nexport default twemoji;`);
|
||||||
|
|
||||||
|
const integrityHash = getIntegrityHash(distFile('twemoji.min.js'));
|
||||||
|
const { version } = require('../package.json');
|
||||||
|
|
||||||
|
function updateSriScriptReference(filename) {
|
||||||
|
const newScript = `<script src="https://twemoji.maxcdn.com/v/${version}/twemoji.min.js" integrity="${integrityHash}"`;
|
||||||
|
fs.writeFileSync(filename, fs.readFileSync(filename).toString('utf8').replace(/<script src="[^ ]*" integrity="[^ ]*"/, newScript));
|
||||||
|
}
|
||||||
|
|
||||||
|
updateSriScriptReference(file('README.md'));
|
||||||
|
|
||||||
// Copy the png assets and svgs to the dist folder
|
// Copy the png assets and svgs to the dist folder
|
||||||
fs.copySync(file('assets/svg'), distFile('svg'));
|
fs.copySync(file('assets/svg'), distFile('svg'));
|
||||||
fs.copySync(file('assets/72x72'), distFile('72x72'));
|
fs.copySync(file('assets/72x72'), distFile('72x72'));
|
@ -37,7 +37,8 @@ fs.readdir(file('assets/ai'), function (err, files) {
|
|||||||
}).join('');
|
}).join('');
|
||||||
}).join('</li>\n <li>')+ '</li>'
|
}).join('</li>\n <li>')+ '</li>'
|
||||||
)
|
)
|
||||||
.replace('{{version}}', version);
|
.replace('{{version}}', version)
|
||||||
|
.replace('{{integrityHash}}', Utils.getIntegrityHash(distFile('twemoji.min.js')));
|
||||||
fs.writeFileSync(
|
fs.writeFileSync(
|
||||||
distFile('preview.html'),
|
distFile('preview.html'),
|
||||||
page.replace(
|
page.replace(
|
||||||
|
@ -1,3 +1,5 @@
|
|||||||
|
const { spawnSync } = require('child_process');
|
||||||
|
|
||||||
function fromCodePoint(codepoint) {
|
function fromCodePoint(codepoint) {
|
||||||
var code = typeof codepoint === 'string' ?
|
var code = typeof codepoint === 'string' ?
|
||||||
parseInt(codepoint, 16) : codepoint;
|
parseInt(codepoint, 16) : codepoint;
|
||||||
@ -26,3 +28,13 @@ function UTF162JSON(text) {
|
|||||||
return r.join('');
|
return r.join('');
|
||||||
}
|
}
|
||||||
module.exports.UTF162JSON = UTF162JSON;
|
module.exports.UTF162JSON = UTF162JSON;
|
||||||
|
|
||||||
|
function getIntegrityHash(filename) {
|
||||||
|
const algorithm = 'sha384';
|
||||||
|
const digest = spawnSync('openssl', ['dgst', `-${algorithm}`, '-binary', filename]);
|
||||||
|
if (digest.status || digest.signal){
|
||||||
|
throw new Error(digest.stderr.toString('utf8'));
|
||||||
|
}
|
||||||
|
return `${algorithm}-${digest.stdout.toString('base64')}`;
|
||||||
|
}
|
||||||
|
module.exports.getIntegrityHash = getIntegrityHash;
|
||||||
|
@ -25,7 +25,7 @@
|
|||||||
vertical-align: -0.1em;
|
vertical-align: -0.1em;
|
||||||
}
|
}
|
||||||
</style>
|
</style>
|
||||||
<script src="https://twemoji.maxcdn.com/v/{{version}}/twemoji.min.js" crossorigin="anonymous"></script>
|
<script src="https://twemoji.maxcdn.com/v/{{version}}/twemoji.min.js" integrity="{{integrityHash}}"crossorigin="anonymous"></script>
|
||||||
</head>
|
</head>
|
||||||
<body>
|
<body>
|
||||||
<ul class="emoji-list">
|
<ul class="emoji-list">
|
||||||
|
Loading…
Reference in New Issue
Block a user