In Firefox 43 and Chrome 45 there will be support for Subresource
Iintegrity (SRI). More information here:
https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
Closes #17729 by merging a tweaked version of it.
expo: http://expo.getbootstrap.com
cdn:
+ # See https://www.srihash.org for info on how to generate the hashes
css: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
+ css_hash: "sha512-dTfge/zgoMYpP7QbHy4gWMEGsbsdZeCXz7irItjcC3sPUFtf0kuFbDz/ixG7ArTxmDjLXDmezHubeNikyKGVyQ=="
css_theme: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap-theme.min.css
+ css_theme_hash: "sha384-aUGj/X2zp5rLCbBxumKTCw2Z50WgIr1vs/PFN4praOTvYXWlVyh2UtNUU0KAUhAX"
js: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
+ js_hash: "sha512-K1qjQ+NcF2TYO/eI3M6v8EiNYZfA95pQumfvcVrTHtwQVDG+aHRqLi/ETn2uB+1JqwYqVG3LIvdm9lj6imS/pQ=="
<p>The folks over at <a href="https://www.maxcdn.com/">MaxCDN</a> graciously provide CDN support for Bootstrap's CSS and JavaScript. Just use these <a href="https://www.bootstrapcdn.com/">Bootstrap CDN</a> links.</p>
{% highlight html %}
<!-- Latest compiled and minified CSS -->
-<link rel="stylesheet" href="{{ site.cdn.css }}">
+<link rel="stylesheet" href="{{ site.cdn.css }}" integrity="{{ site.cdn.css_hash }}" crossorigin="anonymous">
<!-- Optional theme -->
-<link rel="stylesheet" href="{{ site.cdn.css_theme }}">
+<link rel="stylesheet" href="{{ site.cdn.css_theme }}" integrity="{{ site.cdn.css_theme_hash }}" crossorigin="anonymous">
<!-- Latest compiled and minified JavaScript -->
-<script src="{{ site.cdn.js }}"></script>
+<script src="{{ site.cdn.js }}" integrity="{{ site.cdn.js_hash }}" crossorigin="anonymous"></script>
{% endhighlight %}
<h2 id="download-bower">Install with Bower</h2>
projects / thirdparty / bootstrap.git / commitdiff
