GithubHelp home page GithubHelp logo

elhebert / laravel-sri Goto Github PK

View Code? Open in Web Editor NEW
40.0 3.0 15.0 187 KB

Subresource Integrity hash generator for laravel

License: MIT License

PHP 97.94% CSS 0.17% JavaScript 0.11% Blade 1.79%
laravel subresource-integrity hacktoberfest

laravel-sri's Introduction

Laravel Subresource Integrity

Software License StyleCI GitHub Workflow Status Latest Version on Packagist Total Downloads

Small Laravel 8+ package that'll generate the integrity hashes for your style and script files.

For Laravel 5.5+ support, use the v1 branch. For Laravel 6+ support, use the v2 branch.

About Subresources Integrity

From MDN:

Subresource Integrity (SRI) is a security feature that enables browsers to verify that files they fetch (for example, from a CDN) are delivered without unexpected manipulation. It works by allowing you to provide a cryptographic hash that a fetched file must match.

Troy Hunt wrote an article speaking on the subject, you can read it here

Installation

composer require elhebert/laravel-sri

This package uses auto-discovery, so you don't have to do anything. It works out of the box.

Config

If you want to make changes in the configuration you can publish the config file using

php artisan vendor:publish --provider="Elhebert\SubresourceIntegrity\SriServiceProvider"

Content of the configuration

key default value possible values
base_path base_path('/public')
algorithm sha256 sha256, sha384 and sha512
hashes [] (see "How to get a hash)
mix_sri_path public_path('mix-sri.json') (see "How to get a hash)
enabled true
dangerously_allow_third_party_assets false

Usage

To only get a hash, use Sri::hash:

<link
    href="{{ asset('css/app.css') }}"
    rel="stylesheet"
    integrity="{{ Sri::hash('css/app.css') }}"
    crossorigin="anonymous"
/>

To generate the HTML for the integrity and the crossorigin attributes, use Sri::html. It accepts two parameters:

  • first one is the path;
  • second one (default is false) tells if you want to pass the credentials when fetching the resource.
<link
    href="{{ asset('css/app.css') }}"
    rel="stylesheet"
    {{ Sri::html('css/app.css') }}
/>

Blade Component

Alternatively you can use blade components:

<x:sri.link href="css/app.css" rel="stylesheet" />
<!-- is the equivalent of doing -->
<link
    href="{{ asset('css/app.css') }}"
    rel="stylesheet"
    integrity="{{ Sri::hash('css/app.css') }}"
    crossorigin="anonymous"
/>

If you add a mix attributet to the component it'll use mix() instead of asset() to generate the link to the assets:

<x:sri.link mix href="css/app.css" rel="stylesheet" />
<!-- is the equivalent of doing -->
<link
    href="{{ mix('css/app.css') }}"
    rel="stylesheet"
    integrity="{{ Sri::hash('css/app.css') }}"
    crossorigin="anonymous"
/>

Improve performance

You should wrap your <link> and <script> tags with the @once directive to ensure that your tags are only rendered once. This will help with performances as it'll avoid a potential re-hashing of the files (in case you want to hash them on the fly).

Be careful that this should only be use for production as it won't re-render the html tag. Thus preventing new cache busting id to be added to the path by mix.

@once
<link
    href="{{ mix('css/app.css') }}"
    rel="stylesheet"
    integrity="{{ Sri::hash('css/app.css') }}"
    crossorigin="anonymous"
/>
<!-- Or using the blade component -->
<x:sri.link mix href="css/app.css" rel="stylesheet" />
@endonce

How to get a hash

Store hashes in the configuration

You can references the assets in the configuration like this:

[
    // ...

    'hashes' => [
        'css/app.css' => 'my_super_hash'
        'https://code.jquery.com/jquery-3.3.1.min.js' => 'sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8='
    ]
]

This means, you have to calculate the hashes yourself. To do this, you can use report-uri.io, mozilla hash generator or any other resource available.

Using a webpack (or Mix) plugin to generate hashes on build

It expect a mix-sri.json file with a similar structure to the mix-manifest.json:

{
    "/css/app.css": "my_super_hash",
    "/js/app.js": "my_super_hash"
}

The filename and path can be changed in the configuration at any time.

Self promotion: I made a Laravel Mix extension laravel-mix-sri for this purpose.

Generate them on the fly

If it can't find the asset hash in the config file nor in the mix-sri.json file, it'll generate the hash on each reload of the page.

This method is the least recommended, because it reduce performance and make your page load slower.

Remote resources

This package also work for remote resources. Be careful that resources like Google Fonts won't work.

<script
    src="http://code.jquery.com/jquery-3.3.1.min.js"
    integrity="{{ Sri::hash('http://code.jquery.com/jquery-3.3.1.min.js') }}"
    crossorigin="anonymous"
></script>

<!-- or with a blade component -->
<x:sri.script src="http://code.jquery.com/jquery-3.3.1.min.js"></x:sri-script>

Contributing

Please see CONTRIBUTING for more details.

License

This project and the Laravel framework are open-sourced software licensed under the MIT license.

laravel-sri's People

Contributors

dmitrijivanenko avatar dylan-dpc avatar elhebert avatar francar avatar glennmen avatar hdvinnie avatar juliomotol avatar laravel-shift avatar owenvoke avatar panjinamjaelf avatar phenixdotnet avatar thirsch avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

dmitrijivanenko phenixdotnet owenvoke dbsetyawan hebbet francar emzet bradleybensmith juliomotol glennmen panjinamjaelf laravel-shift ckovey korko thirsch

laravel-sri's Issues

(Suggestion) Sri::html optional parameter

Following the WHATWG spec, the crossorigin attribute default value, when the attribute is not omitted, is anonymous. This means that the following three declaration are the same:

  • crossorigin=""
  • crossorigin="anonymous"
  • crossorigin="i-duno-what-iam-typing"

So, this could lead to adding a $with_credentials optional parameter to Sri::html(), like this:

  • Sri::html('js/app.js') stays the same and add crossorigin="anonymous" (or crossorigin="" if we want to save some bits for the browser);
  • Sri::html('js/app.js', false) will do the same as previous line;
  • Sri::html('js/app.js', true) will add crossorigin="use-credentials", and could have an alias (Sri::withCredentials('js/app.js')).

What do you think?

Blade component tag name

I've upgraded to 3.0 today and wasn't able to use the Blade component tag as described. Am I doing it wrong? The code states sri.link and sri.script, the documentation sri-link and sri-script. Is there any magic within the blade system that should convert . to - and this is not the case in my installation?

@mixSri not reading ASSET_URL set in env

Hi again,

Our setup

We are serving our asset via CDN. In my env I've set the ASSET_URL to our CDN

ASSET_URL=https://cdnToken.cloudfront.net/

We also have mix.version() enabled in our webpack config.

The Problem

When using @mixSri('js/main.js'), it only outputs /js/main.js?id=versionToken as its src.

I tried using @assetSri(mix('js/main.js')) but it throws an invalid file exception since by using mix, the file no longer ends with .js

laravel-sri/src/SriServiceProvider.php

Lines 68 to 74 in 86ab899

if (Str::endsWith($path, 'css')) {
return $this->generateCssUrl($href, $integrity);
} elseif (Str::endsWith($path, 'js')) {
return $this->generateJsUrl($href, $integrity);
} else {
throw new \Exception('Invalid file');
}

$path on v1 branch is always null

Working to implement this on an older L5.6 site on PHP 7.4 using the v1 branch.

Config has been published and hashes are added:

    'hashes' => [
        'css/app.css' => 'sha384-redacted',
        'js/app.js' => 'sha384-redacted',
    ],

In my blade template:

    <link
        rel="stylesheet"
        href="{{ mix('/css/app.css') }}"
        integrity="{{ Sri::hash('css/app.css') }}"
        crossorigin="anonymous">

No matter what path I give inside Sri::hash() I'm always getting the following:

ErrorException(code: 0): array_key_exists() expects parameter 2 to be array, null given at /redacted/vendor/elhebert/laravel-sri/src/Sri.php:40)

If I debug at the top of the hash function $path is always null.

Invalid integrity attribute value when used with `laravel-mix-sri`

So I honestly have no idea if this is a bug with the Laravel framework integration or the manifest generated by the Mix plugin, so I'm logging it here for now because the PHP class seems to have an inconsistent behavior.

The integrity attribute should have a value such as integrity="sha384-<hash>", however, the Elhebert\SubresourceIntegrity\Sri class will generate integrity="<hash>" when a resource is found in a Mix manifest, and this causes the browser to not be able to process the attribute correctly.

The Mix plugin writes mix-sri.json without the algorithm prefix that the attribute requires, so when the Sri class reads from it, it's not prepending the algorithm to the hash in the JSON file. Compared to when the hash is generated at runtime, it does return a correctly prepended algorithm to the hash.

Error when using SRI on Laravel 9.6.0

Hello! I can't use SRI on Laravel 9.6.0, PHP 8.1.4
It writes:
module "C:/OpenServer/domains/lar.aficionado/node_modules/laravel-mix-sri/build/index"
The module declaration file "laravel-mix-sri" could not be found. "C:/OpenServer/domains/lar.aficionado/node_modules/laravel-mix-sri/build/index .js" has an implicit type of "any".
Try using the command "npm i --save-dev @types/laravel-mix-ru" if it exists, or add a new declaration file (.d.ts) containing "declare module 'laravel-mix-sri';".ts(7016)
image

Sri::hash generates wrong key

Hello, I'm started using "laravel-sri" with "laravel-mix-sri". It's working without any issues on local environment, but when I push changes on test/live I'm starting getting error messages in console:
None of the “sha256” hashes in the integrity attribute match the content of the subresource.

e.g.
example.js has hash - sha256-BxaPYc1tnHx2U8m/aKA8Sx9FEHlg6fvTDsWGCD7NGjA= in mix-sri.json
but Chrome requires whole different hash

Failed to find a valid digest in the 'integrity' attribute for resource 'xxx.com/assets/js/example.js?id=3fac7b922ddf2b2605cc177f81e781df' with computed SHA-256 integrity 'eQfO2c01V2pl0xVdxyXFNOjgpWQekJShYmr93w33pwA='. The resource has been blocked.

It looks like browser calculates different hashes, what should I do to fix this?

Laravel 5.8 Issue

When trying to update my application to Laravel 5.8 I am produced with a error that is coming from this package.

Class blade.compiler does not exist {"exception":"[object] (ReflectionException(code: -1): Class blade.compiler does not exist at /var/www/html/vendor/laravel/framework/src/Illuminate/Container/Container.php:794)

#0 /var/www/html/vendor/laravel/framework/src/Illuminate/Container/Container.php(794): ReflectionClass->__construct('blade.compiler') #1 /var/www/html/vendor/laravel/framework/src/Illuminate/Container/Container.php(671): Illuminate\\Container\\Container->build('blade.compiler') #2 /var/www/html/vendor/laravel/framework/src/Illuminate/Container/Container.php(619): Illuminate\\Container\\Container->resolve('blade.compiler', Array) #3 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(757): Illuminate\\Container\\Container->make('blade.compiler', Array) #4 /var/www/html/vendor/laravel/framework/src/Illuminate/Container/Container.php(1233): Illuminate\\Foundation\\Application->make('blade.compiler') #5 /var/www/html/vendor/laravel/framework/src/Illuminate/Support/Facades/Facade.php(175): Illuminate\\Container\\Container->offsetGet('blade.compiler') #6 /var/www/html/vendor/laravel/framework/src/Illuminate/Support/Facades/Facade.php(144): Illuminate\\Support\\Facades\\Facade::resolveFacadeInstance('blade.compiler') #7 /var/www/html/vendor/laravel/framework/src/Illuminate/Support/Facades/Facade.php(231): Illuminate\\Support\\Facades\\Facade::getFacadeRoot() #8 /var/www/html/vendor/elhebert/laravel-sri/src/SriServiceProvider.php(39): Illuminate\\Support\\Facades\\Facade::__callStatic('directive', Array) #9 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(597): Elhebert\\SubresourceIntegrity\\SriServiceProvider->register() #10 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/ProviderRepository.php(75): Illuminate\\Foundation\\Application->register(Object(Elhebert\\SubresourceIntegrity\\SriServiceProvider)) #11 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(574): Illuminate\\Foundation\\ProviderRepository->load(Array) #12 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Bootstrap/RegisterProviders.php(17): Illuminate\\Foundation\\Application->registerConfiguredProviders() #13 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(210): Illuminate\\Foundation\\Bootstrap\\RegisterProviders->bootstrap(Object(Illuminate\\Foundation\\Application)) #14 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Console/Kernel.php(311): Illuminate\\Foundation\\Application->bootstrapWith(Array) #15 /var/www/html/vendor/laravel/framework/src/Illuminate/Foundation/Console/Kernel.php(120): Illuminate\\Foundation\\Console\\Kernel->bootstrap() #16 /var/www/html/artisan(37): Illuminate\\Foundation\\Console\\Kernel->handle(Object(Symfony\\Component\\Console\\Input\\ArgvInput), Object(Symfony\\Component\\Console\\Output\\ConsoleOutput)) #17 {main}

laravel/framework#27741

using version and SRI:hash together fails

webpack.mix.js

mix.version([
    "public/css/all.css",
]);

main.blade.php

<link 
    href="{{ mix("/css/all.css") }}"
    integrity="{{ Sri::hash("/css/all.css") }}" 
    rel="stylesheet"
>

in browser console show "None of the "sha256" hashes in the integrity attribute corresponds to the content of the subresource."

Hash is not updated when using with Browsersync

Hi, I'm using the @mixSri('path/to/file.js') directive and have mix.browsersync(3000) in my webpack config. Every time a change had been made and is hot reloaded, the hashes fails. Reloading the page sometime doesn't work. There are times that I need to php artisan view:clear then reload in order for it to work.

I'd suggest to have a config to enable or disable adding hash like you have in laravel-mix-sri doing mix.generateIntegrityHash({enabled: false})

UPDATE:
I did a workaround for this for the mean time. I created a public/mix-sri.json file and placed blank as their hash.

image

I hope this gets fixed soon

Add option to enable/disable

I'm working on my local with laravel-mix sometimes when I used npm run watch it return the follow error

Failed to find a valid digest in the 'integrity' attribute for resource 'http://localdomain.local/js/my_file.js' with computed SHA-384 integrity 'avsIfTUsuvuApNQVkz/IcsKC3iPmSSuZR3vbgtI+5Ezqyy1/RgGBVJMiz3gIgCbO'. The resource has been blocked.

But if I ran npm run prod (mix --production) it works. So I need to compile everything in order to make it work, I don't know how to solve it. I try to php artisan optimize or install everything again. But in any case it doesn't work.

So, could you add a option to add env variable to enable/disable the integrity validator?

Release support for laravel 11

Hello - please would it be possible to cut a release which is compatible with Laravel 11?

I am currently using version 3.2.0 which is the latest available from packagist.

Following upgrade guide here from laravel 10 to 11 https://laravel.com/docs/11.x/upgrade and do the composer update, I get a failure message:

$ composer update
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - Conclusion: don't install elhebert/laravel-sri 3.2.0 (conflict analysis result)
    - Root composer.json requires elhebert/laravel-sri ^3.1 -> satisfiable by elhebert/laravel-sri[3.1.0, 3.2.0].

Thank you very much!

Support for php 8 in 2.* branch

As laravel 6 is now compatible to php 8 and also it's currently the LTS version, maybe you should also provide php 8 support in your 2.* branch?

Release support for laravel 10

Hello - please would it be possible to cut a release which is compatible with Laravel 10?

I am currently using version 3.1.0 which is the latest available from packagist.

Following upgrade guide here from laravel 9 to 10 https://laravel.com/docs/10.x/upgrade and do the composer update, I get a failure message:

$ composer update
Loading composer repositories with package information
Info from https://repo.packagist.org: #StandWithUkraine
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - Root composer.json requires elhebert/laravel-sri ^3.1 -> satisfiable by elhebert/laravel-sri[3.1.0].
    - Conclusion: don't install laravel/framework v10.0.2 (conflict analysis result)

Thank you very much!

add example of use @mixSri and @assetSri

I try to use @mixSri as

@mixSri('/build/css/all.css')

and it get me error Undefined index: /'/build/css/all.css'
after debugging it work in this case

@mixSri(/build/css/all.css)

please add example of use to documentation

Non-static method

Hi
I have laravel 5.5 and try to use your package/
in blade view I have "@assetSri( "/css/all.css")"

and this produce error
Non-static method Elhebert\SubresourceIntegrity\Sri::html() should not be called statically (View: /home/pol/www/crypto-cloud-site/resources/views/layouts/main.blade.php)
in …
/vendor
/elhebert
/laravel-sri
/src
/SriServiceProvider.php
48

Strange Error 

file not found (View: /var/www/html/resources/views/partials/head.blade.php) (View: /var/www/html/resources/views/partials/head.blade.php) (View: /var/www/html/resources/views/partials/head.blade.php) {"userId":11553,"email":"[email protected]","exception":"[object] (ErrorException(code: 0): file not found (View: /var/www/html/resources/views/partials/head.blade.php) (View: /var/www/html/resources/views/partials/head.blade.php) (View: /var/www/html/resources/views/partials/head.blade.php) at /var/www/html/vendor/elhebert/laravel-sri/src/Sri.php:75, ErrorException(code: 0): file not found (View: /var/www/html/resources/views/partials/head.blade.php) (View: /var/www/html/resources/views/partials/head.blade.php) at /var/www/html/vendor/elhebert/laravel-sri/src/Sri.php:75, ErrorException(code: 0): file not found (View: /var/www/html/resources/views/partials/head.blade.php) at /var/www/html/vendor/elhebert/laravel-sri/src/Sri.php:75, Exception(code: 0): file not found at /var/www/html/vendor/elhebert/laravel-sri/src/Sri.php:75)

I keep seeing this error in my logs. Seems some have issues viewing site now after installing package.

the partial contains the following

<meta charset="UTF-8">
@section('title')
    <title>{{ config('other.title') }} - {{ config('other.subTitle') }}</title>
@show

<meta name="description" content="{{ config('other.meta_description') }}">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="_base_url" content="{{ route('home') }}">
<meta name="csrf-token" content="{{ csrf_token() }}">

@yield('meta')

<link rel="shortcut icon" href="{{ url('/favicon.ico') }}" type="image/x-icon">
<link rel="icon" href="{{ url('/favicon.ico') }}" type="image/x-icon">

<link rel="stylesheet" href="{{ mix('css/app.css') }}" integrity="{{ Sri::hash('css/app.css') }}" crossorigin="anonymous">

@if (auth()->user()->style == 1)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}" integrity="{{ Sri::hash('css/themes/galactic.css') }}" crossorigin="anonymous">
@elseif (auth()->user()->style == 2)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}" integrity="{{ Sri::hash('css/themes/galactic.css') }}" crossorigin="anonymous">
    <link rel="stylesheet" href="{{ mix('css/themes/dark-blue.css') }}" integrity="{{ Sri::hash('css/themes/dark-blue.css') }}" crossorigin="anonymous">
@elseif (auth()->user()->style == 3)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}" integrity="{{ Sri::hash('css/themes/galactic.css') }}" crossorigin="anonymous">
    <link rel="stylesheet" href="{{ mix('css/themes/dark-green.css') }}" integrity="{{ Sri::hash('css/themes/dark-green.css') }}" crossorigin="anonymous">
@elseif (auth()->user()->style == 4)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}" integrity="{{ Sri::hash('css/themes/galactic.css') }}" crossorigin="anonymous">
    <link rel="stylesheet" href="{{ mix('css/themes/dark-pink.css') }}" integrity="{{ Sri::hash('css/themes/dark-pink.css') }}" crossorigin="anonymous">
@elseif (auth()->user()->style == 5)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}" integrity="{{ Sri::hash('css/themes/galactic.css') }}" crossorigin="anonymous">
    <link rel="stylesheet" href="{{ mix('css/themes/dark-purple.css') }}" integrity="{{ Sri::hash('css/themes/dark-purple.css') }}" crossorigin="anonymous">
@elseif (auth()->user()->style == 6)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}" integrity="{{ Sri::hash('css/themes/galactic.css') }}" crossorigin="anonymous">
    <link rel="stylesheet" href="{{ mix('css/themes/dark-red.css') }}" integrity="{{ Sri::hash('css/themes/dark-red.css') }}" crossorigin="anonymous">
@elseif (auth()->user()->style == 7)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}" integrity="{{ Sri::hash('css/themes/galactic.css') }}" crossorigin="anonymous">
    <link rel="stylesheet" href="{{ mix('css/themes/dark-teal.css') }}" integrity="{{ Sri::hash('css/themes/dark-teal.css') }}" crossorigin="anonymous">
@elseif (auth()->user()->style == 8)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}" integrity="{{ Sri::hash('css/themes/galactic.css') }}" crossorigin="anonymous">
    <link rel="stylesheet" href="{{ mix('css/themes/dark-yellow.css') }}" integrity="{{ Sri::hash('css/themes/dark-yellow.css') }}" crossorigin="anonymous">
@elseif (auth()->user()->style == 9)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}" integrity="{{ Sri::hash('css/themes/galactic.css') }}" crossorigin="anonymous">
    <link rel="stylesheet" href="{{ mix('css/themes/blutopian.css') }}" integrity="{{ Sri::hash('css/themes/blutopian.css') }}" crossorigin="anonymous">
@elseif (auth()->user()->style == 10)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}" integrity="{{ Sri::hash('css/themes/galactic.css') }}" crossorigin="anonymous">
    <link rel="stylesheet" href="{{ mix('css/themes/halloween.css') }}" integrity="{{ Sri::hash('css/themes/halloween.css') }}" crossorigin="anonymous">
@elseif (auth()->user()->style == 11)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}" integrity="{{ Sri::hash('css/themes/galactic.css') }}" crossorigin="anonymous">
    <link rel="stylesheet" href="{{ mix('css/themes/blutopian.css') }}" integrity="{{ Sri::hash('css/themes/blutopian.css') }}" crossorigin="anonymous">
    <link rel="stylesheet" href="{{ mix('css/themes/christmas.css') }}" integrity="{{ Sri::hash('css/themes/christmas.css') }}" crossorigin="anonymous">
@endif

@if (isset(auth()->user()->custom_css))
    <link rel="stylesheet" href="{{ auth()->user()->custom_css }}" integrity="{{ Sri::hash(auth()->user()->custom_css) }}" crossorigin="anonymous">
@endif

@yield('stylesheets')

If i revert it all works fine.

<meta charset="UTF-8">
@section('title')
    <title>{{ config('other.title') }} - {{ config('other.subTitle') }}</title>
@show

<meta name="description" content="{{ config('other.meta_description') }}">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="_base_url" content="{{ route('home') }}">
<meta name="csrf-token" content="{{ csrf_token() }}">

@yield('meta')

<link rel="shortcut icon" href="{{ url('/favicon.ico') }}" type="image/x-icon">
<link rel="icon" href="{{ url('/favicon.ico') }}" type="image/x-icon">

<link rel="stylesheet" href="{{ mix('css/app.css') }}">

@if (auth()->user()->style == 1)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}">
@elseif (auth()->user()->style == 2)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}">
    <link rel="stylesheet" href="{{ mix('css/themes/dark-blue.css') }}">
@elseif (auth()->user()->style == 3)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}">
    <link rel="stylesheet" href="{{ mix('css/themes/dark-green.css') }}">
@elseif (auth()->user()->style == 4)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}">
    <link rel="stylesheet" href="{{ mix('css/themes/dark-pink.css') }}">
@elseif (auth()->user()->style == 5)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}">
    <link rel="stylesheet" href="{{ mix('css/themes/dark-purple.css') }}">
@elseif (auth()->user()->style == 6)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}">
    <link rel="stylesheet" href="{{ mix('css/themes/dark-red.css') }}">
@elseif (auth()->user()->style == 7)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}">
    <link rel="stylesheet" href="{{ mix('css/themes/dark-teal.css') }}">
@elseif (auth()->user()->style == 8)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}">
    <link rel="stylesheet" href="{{ mix('css/themes/dark-yellow.css') }}">
@elseif (auth()->user()->style == 9)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}">
    <link rel="stylesheet" href="{{ mix('css/themes/blutopian.css') }}">
@elseif (auth()->user()->style == 10)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}">
    <link rel="stylesheet" href="{{ mix('css/themes/halloween.css') }}">
@elseif (auth()->user()->style == 11)
    <link rel="stylesheet" href="{{ mix('css/themes/galactic.css') }}">
    <link rel="stylesheet" href="{{ mix('css/themes/blutopian.css') }}">
    <link rel="stylesheet" href="{{ mix('css/themes/christmas.css') }}">
@endif

@if (isset(auth()->user()->custom_css))
    <link rel="stylesheet" href="{{ auth()->user()->custom_css }}">
@endif

@yield('stylesheets')

Unit tests

What do you think about some unit tests?

Typo in installation instructions

When I run command composer require elhebert/laravel-sri@^1.5.2 get this error:

[InvalidArgumentException]
  Could not find a matching version of package elhebert/[email protected]. Check the package spelling, your version constraint and that the package is available in a stability which matches your minimum-stability (dev).

It should be:

composer require elhebert/laravel-sri ^1.5.2 or composer require elhebert/laravel-sri:^1.5.2

then package installs correctly.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.