README
¶
stakmachine/integrity
stackmachine/integrity makes it easy to enable subresource integrity for your web applications.
Usage
package main
import (
"fmt"
"log"
"github.com/stackmachine/integrity"
)
func main() {
// Calculate SHA512 digests for all your static assets
fs, err := integrity.ParseFiles("static")
if err != nil {
log.Fatal(err)
}
// Return the digest for a given file path, returning an error if it
// doesn't exist.
sha, err := fs.Digest("css/style.css")
if err != nil {
log.Fatal(err)
}
// Use the parameter on a script or link element
fmt.Println("integrity", sha)
}
The package also ships with a http.Handler that checks if an included digest
is valid.
package main
import (
"fmt"
"log"
"net/http"
"github.com/stackmachine/integrity"
)
func main() {
fs, err := integrity.ParseFiles("static")
if err != nil {
log.Fatal(err)
}
handler := http.FileServer(http.Dir("testdata"))
handler = integrity.Verify(fs, handler)
handler = http.StripPrefix("/static/", handler)
// 200 - GET /static/css/style.css
// 200 - GET /static/css/style.css?sha=sha512-valid
// 404 - GET /static/css/style.css?sha=sha512-invalid
fmt.Println("listening on :8080...")
http.ListenAndServe(":8080", handler)
}
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type FileSet ¶
type FileSet struct {
// contains filtered or unexported fields
}
func ParseFiles ¶
We're not actually parsing anything
type Verifier ¶
type Verifier struct {
// Query parameter that contains the SHA512 integrity value. Defaults to
// "sha".
Param string
// If an integrity value is provided and it doesn't match the file, return
// a 404 using this handler. Defaults to http.NotFoundHandler
NotFound http.Handler
// contains filtered or unexported fields
}
Source Files
Click to show internal directories.
Click to hide internal directories.