From 54b32d7f4bd4f6d5f9fa8b88048202fac44449e9 Mon Sep 17 00:00:00 2001
From: Mimi <1119186082@qq.com>
Date: Mon, 3 May 2021 10:57:11 +0800
Subject: [PATCH] Subresource Integrity (#247)
---
layout/_partials/head/head.njk | 10 +++++-----
layout/_scripts/vendors.njk | 4 ++--
layout/_third-party/comments/disqusjs.njk | 2 +-
layout/_third-party/comments/gitalk.njk | 2 +-
layout/_third-party/math/katex.njk | 4 ++--
layout/_third-party/quicklink.njk | 2 +-
layout/_third-party/search/algolia-search.njk | 4 ++--
layout/_third-party/statistics/firestore.njk | 4 ++--
scripts/events/lib/vendors.js | 9 +++++++--
scripts/helpers/engine.js | 11 +++++++++++
source/js/utils.js | 15 ++++++++++++---
11 files changed, 46 insertions(+), 21 deletions(-)
diff --git a/layout/_partials/head/head.njk b/layout/_partials/head/head.njk
index a4dc5af..1a4498f 100644
--- a/layout/_partials/head/head.njk
+++ b/layout/_partials/head/head.njk
@@ -38,19 +38,19 @@
{{ next_font() }}
-
+{{ next_vendors('fontawesome') }}
{%- if theme.motion.enable %}
-
+ {{ next_vendors('animate_css') }}
{%- endif %}
{%- if theme.fancybox %}
-
+ {{ next_vendors('fancybox_css') }}
{%- endif %}
{%- if theme.nprogress.enable %}
-
-
+ {{ next_vendors('nprogress_css') }}
+ {{ next_vendors('nprogress_js') }}
{%- endif %}
{{ next_data('main', next_config()) }}
diff --git a/layout/_scripts/vendors.njk b/layout/_scripts/vendors.njk
index 482d93a..0790100 100644
--- a/layout/_scripts/vendors.njk
+++ b/layout/_scripts/vendors.njk
@@ -1,7 +1,7 @@
{%- if theme.canvas_ribbon.enable %}
-
+
{%- endif %}
{%- for name in js_vendors() %}
-
+ {{ next_vendors(name) }}
{%- endfor %}
diff --git a/layout/_third-party/comments/disqusjs.njk b/layout/_third-party/comments/disqusjs.njk
index 995ac93..d15e2b3 100644
--- a/layout/_third-party/comments/disqusjs.njk
+++ b/layout/_third-party/comments/disqusjs.njk
@@ -1,4 +1,4 @@
-
+{{ next_vendors('disqusjs_css') }}
{{ next_data('disqusjs', theme.disqusjs, {
js: theme.vendors.disqusjs_js
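Review bot: The context line `js: theme.vendors.disqusjs_js` now hands `next_data` an object of the form `{ url, integrity }` instead of a URL string, because `scripts/events/lib/vendors.js` changes the shape of every vendors entry in this commit. The same applies to `theme.vendors.gitalk_js` in gitalk.njk and `theme.vendors.copy_tex_js` in katex.njk. The client scripts that read these values are not part of this patch, so it is worth confirming that each one passes the value straight to `NexT.utils.getScript`, which now accepts the object, rather than treating it as a string. The `next_data` call continues past the end of the hunk.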
diff --git a/layout/_third-party/comments/gitalk.njk b/layout/_third-party/comments/gitalk.njk
index 0a85d64..d1cee1d 100644
--- a/layout/_third-party/comments/gitalk.njk
+++ b/layout/_third-party/comments/gitalk.njk
@@ -1,4 +1,4 @@
-
+{{ next_vendors('gitalk_css') }}
{{ next_data('gitalk', theme.gitalk, {
js: theme.vendors.gitalk_js,
diff --git a/layout/_third-party/math/katex.njk b/layout/_third-party/math/katex.njk
index 90d8fea..354edb8 100644
--- a/layout/_third-party/math/katex.njk
+++ b/layout/_third-party/math/katex.njk
@@ -1,6 +1,6 @@
-
+{{ next_vendors('katex') }}
{%- if theme.math.katex.copy_tex %}
-
+ {{ next_vendors('copy_tex_css') }}
{{ next_data('katex', {
copy_tex_js: theme.vendors.copy_tex_js
}) }}
diff --git a/layout/_third-party/quicklink.njk b/layout/_third-party/quicklink.njk
index f97363f..e027a98 100644
--- a/layout/_third-party/quicklink.njk
+++ b/layout/_third-party/quicklink.njk
@@ -1,5 +1,5 @@
{%- if theme.quicklink.enable %}
-
+ {{ next_vendors('quicklink') }}
{{ next_data('quicklink', page.quicklink, {
url: url | replace(r/index\.html$/, '')
}) }}
diff --git a/layout/_third-party/search/algolia-search.njk b/layout/_third-party/search/algolia-search.njk
index 12eddc1..9e69c92 100644
--- a/layout/_third-party/search/algolia-search.njk
+++ b/layout/_third-party/search/algolia-search.njk
@@ -1,4 +1,4 @@
-
-
+{{ next_vendors('algolia_search') }}
+{{ next_vendors('instant_search') }}
{{- next_js('third-party/search/algolia-search.js') }}
diff --git a/layout/_third-party/statistics/firestore.njk b/layout/_third-party/statistics/firestore.njk
index 48ccc69..2bc37a1 100644
--- a/layout/_third-party/statistics/firestore.njk
+++ b/layout/_third-party/statistics/firestore.njk
@@ -1,6 +1,6 @@
{%- if theme.firestore.enable %}
-
-
+ {{ next_vendors('firebase_app') }}
+ {{ next_vendors('firebase_firestore') }}
{{ next_data('firestore', theme.firestore) }}
{{ next_js('third-party/statistics/firestore.js') }}
{%- endif %}
diff --git a/scripts/events/lib/vendors.js b/scripts/events/lib/vendors.js
index 4bda1c0..cd96cb6 100644
--- a/scripts/events/lib/vendors.js
+++ b/scripts/events/lib/vendors.js
@@ -19,7 +19,9 @@ module.exports = hexo => {
}
for (const [key, value] of Object.entries(dependencies)) {
if (vendors[key]) {
- vendors[key] = url_for.call(hexo, vendors[key]);
+ vendors[key] = {
+ url: url_for.call(hexo, vendors[key])
+ };
continue;
}
const { name, version, file, alias, unavailable } = value;
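Review bot: The override branch `vendors[key] = { url: url_for.call(hexo, vendors[key]) }` attaches no `integrity`, so any vendor the site owner points at a custom URL loses Subresource Integrity checking without any indication. That is probably the right default, since the bundled hash would not match arbitrary content, but it should be stated. A comment above the assignment would do, such as `// Custom URL: the bundled integrity hash cannot apply, so SRI is not enforced for this entry`. The enclosing loop starts before and ends after this hunk.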
@@ -32,6 +34,9 @@ module.exports = hexo => {
let { plugins = 'jsdelivr' } = vendors;
if (plugins === 'cdnjs' && unavailable && unavailable.includes('cdnjs')) plugins = 'jsdelivr';
if (plugins === 'local' && typeof internal === 'undefined') plugins = 'jsdelivr';
- vendors[key] = links[plugins] || links.jsdelivr;
+ vendors[key] = {
+ url : links[plugins] || links.jsdelivr,
+ integrity: value.integrity
+ };
}
};
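Review bot: `integrity: value.integrity` is attached no matter which source `plugins` resolves to, so one hash per dependency is applied to the jsdelivr, cdnjs and local links alike. If those sources do not serve byte-identical files, the browser will refuse the resource and the page loses that asset instead of loading it unchecked; the `links` object is built outside this hunk, so this cannot be verified here. Consider attaching the hash only for the source it was computed against, or checking at build or CI time that every entry in `links` matches the recorded hash. The spacing in `url : links[plugins]` is also inconsistent with the `url:` key in the earlier hunk.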
diff --git a/scripts/helpers/engine.js b/scripts/helpers/engine.js
index aa51f3a..1e6e0b3 100644
--- a/scripts/helpers/engine.js
+++ b/scripts/helpers/engine.js
@@ -29,6 +29,17 @@ hexo.extend.helper.register('next_js', function(file, pjax = false) {
return ``;
});
+hexo.extend.helper.register('next_vendors', function(name) {
+ const { url, integrity } = this.theme.vendors[name];
+ const type = url.endsWith('css') ? 'css' : 'js';
+ if (type === 'css') {
+ if (integrity) return ``;
+ return ``;
+ }
+ if (integrity) return ``;
+ return ``;
+});
+
hexo.extend.helper.register('next_data', function(name, ...data) {
const { escape_html } = this;
const json = data.length === 1 ? data[0] : Object.assign({}, ...data);
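Review bot: `const { url, integrity } = this.theme.vendors[name];` throws a TypeError at render time when `name` is not a key of `theme.vendors`, and the message will not say which vendor was missing. A guard before the destructuring, such as `if (!this.theme.vendors[name]) throw new Error('next_vendors: unknown vendor ' + name);`, would make that failure readable. The css/js decision rests on `url.endsWith('css')`, which misclassifies a stylesheet URL that carries a query string or has no extension, and the override branch in vendors.js lets site owners supply arbitrary URLs. The returned template strings appear empty on this page, so it could not be confirmed that the `integrity` branches also emit `crossorigin="anonymous"` (needed for the browser to verify a cross-origin resource) or that `url` and `integrity` are attribute-escaped.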
diff --git a/source/js/utils.js b/source/js/utils.js
index c4b33f8..148549a 100644
--- a/source/js/utils.js
+++ b/source/js/utils.js
@@ -337,9 +337,9 @@ NexT.utils = {
}
},
- getScript: function(url, options = {}, legacyCondition) {
+ getScript: function(src, options = {}, legacyCondition) {
if (typeof options === 'function') {
- return this.getScript(url, {
+ return this.getScript(src, {
condition: legacyCondition
}).then(options);
}
@@ -373,7 +373,16 @@ NexT.utils = {
script.onload = resolve;
script.onerror = reject;
- script.src = url;
+ if (typeof src === 'object') {
+ const { url, integrity } = src;
+ script.src = url;
+ if (integrity) {
+ script.integrity = integrity;
+ script.crossOrigin = 'anonymous';
+ }
+ } else {
+ script.src = src;
+ }
(parentNode || document.head).appendChild(script);
}
});
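Review bot: `typeof src === 'object'` is also true for `null`, so a vendor value that serialises to `null` reaches `const { url, integrity } = src;` and throws a TypeError instead of taking the string path. Writing the test as `if (src && typeof src === 'object') {` avoids that. Callers that still pass a plain string get no integrity check, which is worth recording in a comment on `getScript`, for example `// src: URL string, or { url, integrity } to load with Subresource Integrity`. The body of `getScript` starts before this hunk.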