Security/Subresource Integrity: Difference between revisions
(→Engineering: add code walkthrough) |
(→QA: update name of the environment variable) |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 29: | Line 29: | ||
== QA == | == QA == | ||
The automated tests live in these two places: | |||
* [https://hg.mozilla.org/mozilla-central/file/f1dffc8682fb/dom/security/test/sri dom/security/test/sri/] | |||
* [https://hg.mozilla.org/mozilla-central/file/f1dffc8682fb/testing/web-platform/tests/subresource-integrity testing/web-platform/tests/subresource-integrity/] | |||
To turn on debugging output, export the following environment variable: | To turn on debugging output, export the following environment variable: | ||
MOZ_LOG="SRI:5,SRIMetadata:5" | |||
== Evangelism == | == Evangelism == | ||
* [https://srihash.org SRI Hash Generator] | * [https://srihash.org SRI Hash Generator] ([https://github.com/mozilla/srihash.org source code]) | ||
== Documentation == | == Documentation == | ||
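Review bot: the two test links in the QA hunk are pinned to changeset f1dffc8682fb, so they will keep showing that snapshot of dom/security/test/sri/ and testing/web-platform/tests/subresource-integrity/ after the tests change; either state that the links are a snapshot or link the current tree alongside them. The MOZ_LOG line is introduced with "export" but shown as a bare assignment, so writing it as export MOZ_LOG="SRI:5,SRIMetadata:5" would make it paste-ready.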
Latest revision as of 23:13, 16 May 2017
Description
Subresource Integrity is a mechanism by which user agents may verify that a fetched resource has been delivered without unexpected manipulation. It landed in Firefox 43.
Engineering
The bulk of the code lives in these two classes:
which hook into:
- layout/style/Loader.cpp (CSS loader)
- dom/base/nsScriptLoader.cpp (Script loader)
Both of these hooks work in the same way:
- We start by creating an SRIMetadata object from the content of the integrity attribute as we process the element:
- We then wait until the file is downloaded and check that the hash of the contents matches the SRI hash:
- We return NS_ERROR_SRI_CORRUPT, which fails the load and triggers the error event on that element, if the hashes don't match.
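The three steps above, as an added Python sketch (not the Gecko code; `sri_hash`, `parse_integrity` and `check_load` are hypothetical names). Picking the strongest algorithm present follows the SRI specification, and treating an undecodable hash as a guaranteed mismatch is this example's own choice.

```python
import base64
import hashlib
import hmac

# Supported algorithms, weakest to strongest (the SRI specification's ordering).
ALGORITHMS = ("sha256", "sha384", "sha512")

def sri_hash(body, alg="sha384"):
    """Build an integrity token such as 'sha384-<base64 digest>' for body."""
    return alg + "-" + base64.b64encode(hashlib.new(alg, body).digest()).decode()

def parse_integrity(attribute):
    """Return (algorithm, [digest bytes]) for the strongest algorithm present, or None."""
    by_alg = {}
    for token in attribute.split():
        alg, sep, rest = token.partition("-")
        alg = alg.lower()
        if not sep or alg not in ALGORITHMS:
            continue  # unsupported or malformed tokens carry no metadata
        try:
            # Drop any "?options" suffix before decoding the digest.
            digest = base64.b64decode(rest.split("?", 1)[0], validate=True)
        except ValueError:
            digest = b""  # example's choice: an undecodable hash can never match
        by_alg.setdefault(alg, []).append(digest)
    if not by_alg:
        return None
    strongest = max(by_alg, key=ALGORITHMS.index)
    return strongest, by_alg[strongest]

def check_load(attribute, body):
    """True if the load may proceed; False is the NS_ERROR_SRI_CORRUPT case."""
    parsed = parse_integrity(attribute)
    if parsed is None:
        return True  # no usable metadata, nothing to enforce
    alg, expected = parsed
    actual = hashlib.new(alg, body).digest()
    # Any listed digest for the strongest algorithm is enough to pass.
    return any(hmac.compare_digest(actual, d) for d in expected)

# Constructed sample input, not taken from the page.
SCRIPT = b"console.log('hello');\n"
TAMPERED = SCRIPT + b"// modified in transit\n"

if __name__ == "__main__":
    good = sri_hash(SCRIPT)
    print(check_load(good, SCRIPT), check_load(good, TAMPERED))
```

Because only the strongest algorithm is consulted, a matching sha256 entry does not rescue a resource whose sha512 entry fails.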
QA
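The automated tests live in these two places:
- dom/security/test/sri/ (https://hg.mozilla.org/mozilla-central/file/f1dffc8682fb/dom/security/test/sri)
- testing/web-platform/tests/subresource-integrity/ (https://hg.mozilla.org/mozilla-central/file/f1dffc8682fb/testing/web-platform/tests/subresource-integrity)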
To turn on debugging output, export the following environment variable:
MOZ_LOG="SRI:5,SRIMetadata:5"