webpack-subresource-integrity
Advanced tools
Comparing version 0.1.0 to 0.2.0
29
index.js
@@ -21,26 +21,9 @@ var crypto = require('crypto'); | ||
/* | ||
* Patch require-ensure code to add the integrity attribute. | ||
* | ||
* It would be nice to add the integrity attribute through an | ||
* official hook, but none exists currently. The alternative of | ||
* replacing the entire lazy loading infrastructure isn't | ||
* desirable either. | ||
* Patch jsonp-script code to add the integrity attribute. | ||
*/ | ||
mainTemplate.plugin('require-ensure', function requireEnsurePlugin(source) { | ||
var regex = /^([\t ]*)head\.appendChild\(script\);$/gm; | ||
var match = regex.exec(source); | ||
if (!match) { | ||
throw new Error('No match found, you seem to be using an incompatible webpack version'); | ||
} | ||
if (regex.exec(source)) { | ||
throw new Error('Multiple matches found, you seem to be using an incompatible webpack version'); | ||
} | ||
var head = source.substring(0, match.index); | ||
var tail = source.substring(match.index); | ||
return head + | ||
match[1] + | ||
'script.integrity = sriHashes[chunkId];\n' + | ||
tail; | ||
mainTemplate.plugin('jsonp-script', function jsonpScriptPlugin(source) { | ||
return this.asString([ | ||
source, | ||
'script.integrity = sriHashes[chunkId];', | ||
]); | ||
}); | ||
@@ -47,0 +30,0 @@ |
{ | ||
"name": "webpack-subresource-integrity", | ||
"version": "0.1.0", | ||
"version": "0.2.0", | ||
"description": "Webpack plugin for ensuring subresource integrity", | ||
@@ -42,4 +42,7 @@ "main": "index", | ||
"mocha": "^2.3.4", | ||
"webpack": "^1.12.6" | ||
"webpack": "^1.12.11" | ||
}, | ||
"peerDependencies": { | ||
"webpack": "^1.12.11" | ||
}, | ||
"files": [ | ||
@@ -46,0 +49,0 @@ "LICENSE", |
@@ -55,6 +55,2 @@ # webpack-subresource-integrity | ||
* This plugin uses some black magic and thus might break in arbitrary | ||
ways for future webpack releases, even point releases. You have | ||
been warned. Tested with webpack 1.12.9 and webpack-core 0.6.8. | ||
## Contributing | ||
@@ -61,0 +57,0 @@ |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
8934
2
114
66