Google Fonts fails to hash

Question

Google Fonts fails to hash

Closed this issue 8 years ago · 5 comments

WillModernTrainingSolutions commented 8 years ago

This is the attempted URL:

https://fonts.googleapis.com/css?family=Open+Sans:400,600,300,700,800

It produces the error message:

<!-- Warning: Unrecognized content-type. Are you sure this is the right resource? -->

When run here:

https://www.srihash.org/

Answer 1 · 2017-01-06T22:09:58.000Z

That's odd. The content type does appear to be set correctly on the server side:

$ curl --head 'https://fonts.googleapis.com/css?family=Open+Sans:400,600,300,700,800'
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8

and text/css is what we're looking for in the code.

Answer 2 · 2017-01-09T07:57:15.000Z

Maybe this got broken in sri-toolbox?
neftaly/npm-sri-toolbox@2523cd7

Answer 3 · 2017-01-09T18:59:41.000Z

Ah indeed, it's @jonathanKingston 's fault :)

I guess that commit should be reverted and we should release a new version of sri-toolbox?

Answer 4 · 2017-01-09T19:36:55.000Z

Probably not reverted as it's not like SRI supports outputting content type either. Let me debug and fix.

…

On Mon, 9 Jan 2017, 18:59 Francois Marier, ***@***.***> wrote: Ah indeed, it's @jonathanKingston <https://github.com/jonathanKingston> 's fault :) I guess that commit should be reverted and we should release a new version of sri-toolbox? — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#158 (comment)>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAUsLLQZ5JQwasO7AqjW3LWaoBIJ2axVks5rQoOdgaJpZM4LcxgF> .

Answer 5 · 2017-01-11T02:16:54.000Z

So SRI toolbox was actually just returning "" for the content as it wasn't being passed one which made all this code work. However I don't think the check worked for when being given an invalid content type either.

Either way the right thing was to switch this to checking the response content-type headers which we were not doing.