I run a Bitcoin wallet that uses browser side Javascript to encrypt and decrypt Bitcoin keys.
I want to make the javascript available for scrutiny on Github, and then load the javascript from the github repository.
My problem is I need to check the integrity of the loaded Javascript to ensure at hasn't been tampered with at Github.
How can I best do this ? Would it be something like.
There is (or soon WILL be) an elegant way to achieve this now (2 years after the question was asked).
http://www.w3.org/TR/SRI/
You can now specify the "integrity" parameter inside the script tag:
<script src="https://github.com/<path>/yourscript.js"
integrity="sha256-SDf......">
This won't work for the script loaded via an AJAX requests. But you can potentially reference scripts as script tags pointing at the CDN (ideally not at github directly)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With