apifrom.utils.sri ================= .. py:currentmodule:: apifrom.utils.sri Overview -------- **Classes** * :py:class:`SRIHashAlgorithm` * :py:class:`SRIMiddleware` **Functions** * :py:func:`generate_integrity_hash` * :py:func:`validate_integrity` Classes ------- .. py:class:: SRIHashAlgorithm:bases: str, enum.Enum str(object='') -> str str(bytes_or_buffer[, encoding[, errors]]) -> str Create a new string object from the given object. If encoding or errors is specified, then the object must expose a data buffer that will be decoded using the given encoding and error handler. Otherwise, returns the result of object.__str__() (if defined) or repr(object). encoding defaults to sys.getdefaultencoding(). errors defaults to 'strict'. Initialize self. See help(type(self)) for accurate signature. .. :: SHA256 .. :: SHA384 .. :: SHA512 .. py:class:: SRIMiddleware(algorithms = None, script_sources = None, style_sources = None, exempt_paths = None) Middleware for adding and verifying Subresource Integrity hashes. :param algorithms: List of hash algorithms to use :param script_sources: Mapping of script URLs to their content :param style_sources: Mapping of style URLs to their content :param exempt_paths: List of paths that should be exempt from integrity checks .. :: _integrity_cache :annotation: Dict[str, str] .. :: algorithms .. :: exempt_paths .. :: script_sources .. :: style_sources Functions --------- .. py:function:: generate_integrity_hash(content, algorithm = SRIHashAlgorithm.SHA384) Generates a Subresource Integrity hash for the given content. :param content: The content to generate the hash for :param algorithm: The hashing algorithm to use :returns: The integrity hash string .. py:function:: validate_integrity(content, integrity) Validates that the given content matches the provided integrity hash. :param content: The content to validate :param integrity: The integrity hash to validate against :returns: True if the content is valid, False otherwise