How to use webpack-subresource-integrity - 5 common examples

To help you get started, we’ve selected a few webpack-subresource-integrity examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github sebastian-software / edge / packages / edge-builder / src / builder.js View on Github external
},

    plugins: [
      // Generating static HTML page for simple static deployment
      // https://github.com/jantimon/html-webpack-plugin
      isProduction && isClient ?
        new HtmlWebpackPlugin({
          template: HTML_TEMPLATE
        }) :
        null,

      // Subresource Integrity (SRI) is a security feature that enables browsers to verify that
      // files they fetch (for example, from a CDN) are delivered without unexpected manipulation.
      // https://www.npmjs.com/package/webpack-subresource-integrity
      // Browser-Support: http://caniuse.com/#feat=subresource-integrity
      new SriPlugin({
        hashFuncNames: [ "sha256", "sha512" ],
        enabled: isProduction && isClient
      }),

      // Improve OS compatibility
      // https://github.com/Urthen/case-sensitive-paths-webpack-plugin
      new CaseSensitivePathsPlugin(),

      // Custom progress plugin
      new VerboseProgress(),

      // Automatically assign quite useful and matching chunk names based on file names.
      new ChunkNames(),

      // We use this so that our generated [chunkhash]'s are only different if
      // the content for our respective chunks have changed.  This optimises
github sebastian-software / edge / packages / edge-boilerplate / webpack / builder.js View on Github external
},

    plugins: [
      // Generating static HTML page for simple static deployment
      // https://github.com/jantimon/html-webpack-plugin
      isProduction && isClient ?
        new HtmlWebpackPlugin({
          template: path.resolve(__dirname, "../src/index.ejs")
        }) :
        null,

      // Subresource Integrity (SRI) is a security feature that enables browsers to verify that
      // files they fetch (for example, from a CDN) are delivered without unexpected manipulation.
      // https://www.npmjs.com/package/webpack-subresource-integrity
      // Browser-Support: http://caniuse.com/#feat=subresource-integrity
      new SriPlugin({
        hashFuncNames: [ "sha256", "sha512" ],
        enabled: isProduction && isClient
      }),

      // Improve OS compatibility
      // https://github.com/Urthen/case-sensitive-paths-webpack-plugin
      new CaseSensitivePathsPlugin(),

      // Custom progress plugin
      new VerboseProgress(),

      // Automatically assign quite useful and matching chunk names based on file names.
      new ChunkNames(),

      // We use this so that our generated [chunkhash]'s are only different if
      // the content for our respective chunks have changed.  This optimises
github sebastian-software / edge / packages / edge-builder / src / builder.js View on Github external
// Generating static HTML page for simple static deployment
      // https://github.com/jantimon/html-webpack-plugin
      /*
      isProduction && isClient ?
        new HtmlWebpackPlugin({
          template: HTML_TEMPLATE
        }) :
        null,
      */

      // Subresource Integrity (SRI) is a security feature that enables browsers to verify that
      // files they fetch (for example, from a CDN) are delivered without unexpected manipulation.
      // https://www.npmjs.com/package/webpack-subresource-integrity
      // Browser-Support: http://caniuse.com/#feat=subresource-integrity
      new SriPlugin({
        hashFuncNames: [ "sha256", "sha512" ],
        enabled: isProduction && isClient
      }),

      // Improve OS compatibility
      // https://github.com/Urthen/case-sensitive-paths-webpack-plugin
      new CaseSensitivePathsPlugin(),

      // Custom progress plugin
      process.stdout.isTTY ? new VerboseProgress({
        prefix: PREFIX
      }) : null,

      // Analyse bundle in production
      isClient && isProduction ? new BundleAnalyzerPlugin.BundleAnalyzerPlugin({
        analyzerMode: "static",
github mozilla / addons-frontend / tests / unit / core / server / test_sriDataPlugin.js View on Github external
function compile({ entry = {}, includeSriPlugin = true } = {}) {
    const sriFile = path.join(distDir, 'sri.json');

    const plugins = [];
    if (includeSriPlugin) {
      plugins.push(new SriPlugin({ hashFuncNames: ['sha512'] }));
    }
    plugins.push(new SriDataPlugin({ saveAs: sriFile }));

    const compiler = webpack({
      entry: {
        app: path.join(srcDir, 'app'),
        ...entry,
      },
      output: {
        crossOriginLoading: 'anonymous',
        path: path.join(tempDir.name, 'dist'),
        filename: '[name].js',
        chunkFilename: '[name].js',
      },
      plugins,
    });
github feflow / builder-webpack4 / src / builder.ts View on Github external
static setSriPlugin() {
        return new SriPlugin({
            hashFuncNames: ['sha256', 'sha384']
        });
    }

webpack-subresource-integrity

Webpack plugin for enabling Subresource Integrity

MIT
Latest version published 2 years ago

Package Health Score

70 / 100
Full package analysis

Popular webpack-subresource-integrity functions