Hi, I'm trying to use this package in combination with whitenoise. every time I launch my app the browser always refuses to load my static files with the error "filed to find a valid digest in the 'integrity' attribute for resource ". so far I have tested this package on 5 of my CSS files, 1 bootstrap.css + 3 fontawesome.css + 1 my-site.css. Out of those 5 files, only bootstrap.css is loaded by the browser, the remaining are refused. After a little bit of investigation, I found that the integrity attribute's value outputted in the HTML is different from the one being evaluated by the browser. For example,
index.html
<link crossorigin="anonymous" href="/static/home/css/my-site.css" integrity="sha512-GG4sC/4GQsd1r0sXkr0I6cwTZCB1upbMybxD3agscaBX8BOX9IQQyfOqZfX//Z49t2e0u5NbbnBDO6ABGnCtUQ==" rel="stylesheet" type="text/css"/>
<link crossorigin="anonymous" href="/static/fonts/fontawesome-all.min.css" integrity="sha512-HHwKq7saKrGPCHieLofpt4AsI/OYFTVsra9mBimKDJeM//F4yP35Tms3Tj+QetdJgcPxedlzWC2w2qDSdGMujw==" rel="stylesheet" type="text/css"/>
127.0.0.1/:1 Failed to find a valid digest in the 'integrity' attribute for resource 'http://127.0.0.1:8000/static/home/css/my-site.css' with computed SHA-512 integrity 'VQzFTxndLuJU0O201uJZbuSKtlF6RmM/G2LieKu+UB2XM36D4p6lFSK9CRqXb9S/FVLmelzW5q/te2Rq/J2oGw=='. The resource has been blocked.
127.0.0.1/:1 filed to find a valid digest in the 'integrity' attribute for resource 'http://127.0.0.1:8000/static/fonts/fontawesome-all.min.css' with computed SHA-512 integrity '0FCInaWP5g0YTtgrftFRJrLPwUPsAwGLYAEbhhmOyleGWfxiseFAuV4ifxaekiQ1luaRZ7amW8fPIo96ijocUQ=='. The resource has been blocked.
The only solution that actually fixed my problem is removing whitenoise package. Yet in your documentation you say
"Does this work with whitenoise or alike?"
Yes. django-sri outputs the static file URL in the same way the builtin static template tag does. This means the correct cachebusted URLs are output.
When using a manifest STATICFILES_STORAGE, django-sri will automatically retrieve the hashed and post-processed file as opposed to the original.
DEBUG = True
INSTALLED_APPS = [
.....
'whitenoise.runserver_nostatic', #for local development
'django.contrib.staticfiles',
.....
'sri',
]
MIDDLEWARE = ['django.middleware.security.SecurityMiddleware',
'whitenoise.middleware.WhiteNoiseMiddleware',
.......
]
STATIC_ROOT = os.path.join(BASE_DIR, 'staticfiles')
STATIC_URL = "/static/"
STATICFILES_DIRS = [
BASE_DIR / "static",
]
MEDIA_URL = 'media/'
MEDIA_ROOT = os.path.join(BASE_DIR, 'media')
STORAGES = {
"default": {
"BACKEND": "django.core.files.storage.FileSystemStorage",
},
'staticfiles': {
"BACKEND": "whitenoise.storage.CompressedManifestStaticFilesStorage",
}
}
USE_SRI = True