Subresource Integrity(SRI) Implementation with AEM Client Libraries

Avatar

Avatar
Validate 1
Level 1
pankajk19193341
Level 1

Like

1 like

Total Posts

2 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 1
View profile

Avatar
Validate 1
Level 1
pankajk19193341
Level 1

Like

1 like

Total Posts

2 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 1
View profile
pankajk19193341
Level 1

02-11-2017

Hi,

I am working on a client requirement to implement subresource integrity on our website to make it more secure, which would require adding attribute named "integrity" with cryptographic digest of client library to client lib JS/CSS file reference.

As it would require certain degree of customization, I wanted to check if anyone has implemented this feature with AEM.

Thanks in Advance,

Pankaj

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Establish
Community Manager
kautuk_sahni
Community Manager

Likes

1,200 likes

Total Posts

6,394 posts

Correct reply

1,147 solutions
Top badges earned
Establish
Coach
Originator
Contributor 2
Contributor
View profile

Avatar
Establish
Community Manager
kautuk_sahni
Community Manager

Likes

1,200 likes

Total Posts

6,394 posts

Correct reply

1,147 solutions
Top badges earned
Establish
Coach
Originator
Contributor 2
Contributor
View profile
kautuk_sahni
Community Manager

02-11-2017

The way I can think here is:

1. Manually

2. You need to create your tag which uses the HtmlLibraryManager to get the list of includes for a particular category (or set of categories) and use those to output the appropriate HTML.

// HtmlLibraryManager provides access to repository defined html libraries.

Reference Git Project :- GitHub - nateyolles/aem-clientlib-async: Create AEM clientlibs that can output 'async', 'defer' and ...

// To Create AEM clientlibs that can output 'async', 'defer' and 'onload' attributes on your HTML script elements.

Meanwhile, i have asked internal experts to share their thoughts on this.

~kautuk

Answers (3)

Answers (3)

Avatar

Avatar
Coach
MVP
Arun_Patidar
MVP

Likes

1,442 likes

Total Posts

3,318 posts

Correct reply

941 solutions
Top badges earned
Coach
Contributor 2
Ignite 10
Give Back 700
Boost 1000
View profile

Avatar
Coach
MVP
Arun_Patidar
MVP

Likes

1,442 likes

Total Posts

3,318 posts

Correct reply

941 solutions
Top badges earned
Coach
Contributor 2
Ignite 10
Give Back 700
Boost 1000
View profile
Arun_Patidar
MVP

04-06-2018

Hi Vijender,

Yes, integrity attribute does not supported in IE.

FeatureChromeFirefox (Gecko)Internet ExplorerOperaSafari
The integrity attribute for <script> and <link>45.043 (43)No support3211 [1]

more info - Subresource Integrity - Web security | MDN

Thanks

Arun

Avatar

Avatar
Level 1
vijender_21
Level 1

Likes

0 likes

Total Posts

1 post

Correct reply

0 solutions
View profile

Avatar
Level 1
vijender_21
Level 1

Likes

0 likes

Total Posts

1 post

Correct reply

0 solutions
View profile
vijender_21
Level 1

04-06-2018

Hi Pankaj,

Did you get SRI implemented in your site and it seems it is not supported in IE.

Please update.

Thanks,

Vijender

Avatar

Avatar
Validate 1
Level 1
pankajk19193341
Level 1

Like

1 like

Total Posts

2 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 1
View profile

Avatar
Validate 1
Level 1
pankajk19193341
Level 1

Like

1 like

Total Posts

2 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 1
View profile
pankajk19193341
Level 1

03-11-2017

Thanks Kautuk for the direction, it definitely looks promising. I will update here if I am able to leverage it to achieve SRI with clientslibs.

Looking forward for more feedback.