diff options
| author | Chris Rebert <[email protected]> | 2015-10-23 22:35:22 -0700 |
|---|---|---|
| committer | Chris Rebert <[email protected]> | 2015-10-23 22:35:22 -0700 |
| commit | 3bc5fb947dabc2ec2ab52bbd29cb978a8a8f54f3 (patch) | |
| tree | 0b36098860821570164cbeadd3a2f787860b13e4 | |
| parent | a30a5bb9b5129a012e7668ce1340ad86d18af822 (diff) | |
| download | bootstrap-3bc5fb947dabc2ec2ab52bbd29cb978a8a8f54f3.tar.xz bootstrap-3bc5fb947dabc2ec2ab52bbd29cb978a8a8f54f3.zip | |
Port #17729 to v4: Add SRI hashes to CDN links in docs
[skip sauce]
| -rw-r--r-- | _config.yml | 3 | ||||
| -rw-r--r-- | docs/getting-started/introduction.md | 8 | ||||
| -rw-r--r-- | docs/index.html | 4 |
3 files changed, 9 insertions, 6 deletions
diff --git a/_config.yml b/_config.yml index 7aa58d120..56b538a88 100644 --- a/_config.yml +++ b/_config.yml @@ -36,6 +36,9 @@ expo: http://expo.getbootstrap.com themes: http://themes.getbootstrap.com cdn: + # See https://www.srihash.org for info on how to generate the hashes css: https://cdn.rawgit.com/twbs/bootstrap/v4-dev/dist/css/bootstrap.css + css_hash: "sha384-XXXXXXXX" js: https://cdn.rawgit.com/twbs/bootstrap/v4-dev/dist/js/bootstrap.js + js_hash: "sha384-XXXXXXXX" jquery: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js diff --git a/docs/getting-started/introduction.md b/docs/getting-started/introduction.md index 03c1079dc..9fe3103e5 100644 --- a/docs/getting-started/introduction.md +++ b/docs/getting-started/introduction.md @@ -21,14 +21,14 @@ Looking to quickly add Bootstrap to your project? Use the Bootstrap CDN, provide Copy-paste the stylesheet `<link>` into your `<head>` before all other stylesheets to load our CSS. {% highlight html %} -<link rel="stylesheet" href="{{ site.cdn.css }}"> +<link rel="stylesheet" href="{{ site.cdn.css }}" integrity="{{ site.cdn.css_hash }}" crossorigin="anonymous"> {% endhighlight %} Add our JavaScript plugins and jQuery near the end of your pages, right before the closing `</body>` tag. Be sure to place jQuery first as our code depends on it. {% highlight html %} <script src="{{ site.cdn.jquery }}"></script> -<script src="{{ site.cdn.js }}"></script> +<script src="{{ site.cdn.js }}" integrity="{{ site.cdn.js_hash }}" crossorigin="anonymous"></script> {% endhighlight %} And that's it—you're on your way to a fully Bootstrapped site. If you're at all unsure about the general page structure, keep reading for an example page template. @@ -53,14 +53,14 @@ Put it all together and your pages should look like this: <meta http-equiv="x-ua-compatible" content="ie=edge"> <!-- Bootstrap CSS --> - <link rel="stylesheet" href="{{ site.cdn.css }}"> + <link rel="stylesheet" href="{{ site.cdn.css }}" integrity="{{ site.cdn.css_hash }}" crossorigin="anonymous"> </head> <body> <h1>Hello, world!</h1> <!-- jQuery first, then Bootstrap JS. --> <script src="{{ site.cdn.jquery }}"></script> - <script src="{{ site.cdn.js }}"></script> + <script src="{{ site.cdn.js }}" integrity="{{ site.cdn.js_hash }}" crossorigin="anonymous"></script> </body> </html> {% endhighlight %} diff --git a/docs/index.html b/docs/index.html index 45cf7eb61..47c469c42 100644 --- a/docs/index.html +++ b/docs/index.html @@ -33,8 +33,8 @@ title: Bootstrap · The world's most popular mobile-first and responsive f <p>When you just need to include Bootstrap's compiled CSS and JS, use the Bootstrap CDN, free from the Max CDN folks.</p> {% comment %} {% highlight html %} -<link rel="stylesheet" href="{{ site.cdn.css }}"> -<script src="{{ site.cdn.js }}"></script> +<link rel="stylesheet" href="{{ site.cdn.css }}" integrity="{{ site.cdn.css_hash }}" crossorigin="anonymous"> +<script src="{{ site.cdn.js }}" integrity="{{ site.cdn.js_hash }}" crossorigin="anonymous"></script> {% endhighlight %} {% endcomment %} <p class="text-muted">Not yet available, but hopefully soon!</p> |