2017-03-26, 08:45 AM
We could implement something that automatically detects if you're linking to external libraries (i.e. your own CDN or other 3rd party libraries such as Bootstrap & Font Awesome) to automatically generate SRI compliant includes.
Worth noting: SRI isn't supported by all browsers yet but the ones that don't support it just ignore the integrity part and stylesheets are still loaded without breaking anything. Which is the expected behavior at the time of posting this thread.
https://www.srihash.org – a website you can use to generate this kind of link if you're looking for an example.
https://developer.mozilla.org/en-US/docs..._Integrity – more information on SRI including compatibility.
Worth noting: SRI isn't supported by all browsers yet but the ones that don't support it just ignore the integrity part and stylesheets are still loaded without breaking anything. Which is the expected behavior at the time of posting this thread.
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css" integrity="sha384-wvfXpqpZZVQGK6TAh5PVlGOfQNHSoD2xbE+QkPxCAFlNEevoEH3Sl0sibVcOQVnN" crossorigin="anonymous">
https://www.srihash.org – a website you can use to generate this kind of link if you're looking for an example.
https://developer.mozilla.org/en-US/docs..._Integrity – more information on SRI including compatibility.