[
https://issues.apache.org/jira/browse/WICKET-6321?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16428647#comment-16428647
]
ASF GitHub Bot commented on WICKET-6321:
----------------------------------------
Github user svenmeier commented on the issue:
https://github.com/apache/wicket/pull/273
@tremel thanks for your usage example.
It seems to me we're mixing at least three topics in this pull request:
- JavaScriptReferenceHeaderItem needs integrity and and crossOrigin ... fine
- JavaScriptUtils#writeJavaScriptUrl() is getting to many parameters, maybe
an attribute map can help here?
- references cannot alter the attributes of their headerItem (besides the
url of course): defer, async, charset and now integrity and crossOrigin
IMHO we should solve the last issue separately and uniformly, i.e. not
IntegrityAttributed but maybe a broader interface for all attributes or just a
callback that allows the reference to alter the headerItem.
For now you could use an IHeaderResponseDecorator to set the attributes.
> Support Integrity and Crossorigin attributes for
> JavaScriptUrlReferenceHeaderItem
> ----------------------------------------------------------------------------------
>
> Key: WICKET-6321
> URL: https://issues.apache.org/jira/browse/WICKET-6321
> Project: Wicket
> Issue Type: Improvement
> Components: wicket
> Affects Versions: 8.0.0-M3
> Reporter: Mikhail Fursov
> Priority: Major
> Fix For: 8.0.0
>
> Attachments: CORS.zip, wicket-6321-20180306.diff, wicket-6321.diff
>
>
> Example of secure script reference:
> <script
> src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0-alpha.6/js/bootstrap.min.js";
> integrity="sha256-+kIbbrvS+0dNOjhmQJzmwe/RILR/8lb/+4+PUNVW09k="
> crossorigin="anonymous"></script>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
