sha256 function

36928495 · November 26, 2016, 2:01pm

Currently their are the md5 and sha1 functions. It would be great if SHA256 were also supported.

Because then combined with the base64 and readFile functions, the integrity html attribute could be used.

Example:

<script src="/behaviour.js" integrity="sha256-{{ (sha256 (readFile "static/behaviour.js")) | base64Encode }}"></script>

bep · November 26, 2016, 6:11pm

A sha256 func pull request is welcomed – but note that without any caching, adding that script definition to a partial that is included in every template will be veeeery heavy in the performance department.

digitalcraftsman · December 4, 2016, 3:05pm

I submitted a pull request that is already merged.

36928495 · December 21, 2016, 1:28pm

To anyone who has searched for the integrity attribute:

Note that the above example will work, but won’t be valid.
The sha256 function outputs a hexadecimal value, but what is needed, is binary.

The documentation clearly states that the return value will be a checksum, instead of a digest. Excuse the noise.

carlmjohnson · April 27, 2017, 10:05pm

Interesting. I think a better approach is to write a tool that creates an integrity-manifest.json and puts it into the /data/ directory so that Hugo can access it that way. It prevents you’re needing to recalculate for every page, as BEP noted is a drawback of having it in the template.

Topic		Replies	Views
Sha256 question support	11	613	February 2, 2019
Generate inline script SHA for Content-Security-Policy support	7	1539	October 8, 2018
Incorrect SHA256 value for integrity attribute with fingerprint function: "failed to find a valid digest" support pipes	10	7274	June 20, 2023
Page Verification / Hashing support	3	440	August 6, 2021
Hash 256 for _header files support	18	1074	June 11, 2022

sha256 function

Related topics