One way to avoid embedding third-party resources is for each Tool or Cloud VPS project to store a local copy of the resource and serve it directly to the visiting user. This works well from a technical point of view, but can be a maintenance burden for the application developer. It also defeats some of the benefits of using a content distribution network (CDN) like Google fonts where commonly used resources from many applications can share a single locally cached resource in the local web browser.
You can use these assets in your tools now!
- https://tools.wmflabs.org/fontcdn/ - provides the web search interface for over 800 font families, from Open Sans to Ubuntu Mono
- https://tools.wmflabs.org/cdnjs/ - the full listing of over 3,000 libraries, from Angular to React
Please give us feedback on how these features could be further improved, submit patches, or just show us how you are using them!
This is a brilliant service!
Is it possible to add a thing that provides the integrity attribute value for JS and CSS assets? e.g. the output of something like:
cat bootstrap.min.css | openssl dgst -sha384 -binary | openssl base64 -A
Or is that not required (come to think of it) for non-cross-domain requests...
Oh, it seems maybe CDNJS already might do this, judging by https://github.com/cdnjs/cdnjs/issues/4599#issuecomment-243487346 — but perhaps the version on Toolforge doesn't yet?
@Samwilson this sounds like something worth opening a task for. We don't run the same frontend or build script as the upstream, so what needs to be done here is to update our cdnjs-packages-gen script to compute the hashes when we update the repo mirror and then update rTCJS labs/tools/cdnjs-index to display the hashes somehow. We don't have a specific Phab project for cdnjs, so just tag it with Tools.