Secure content and static web sites

I have a static web page that loads from IPFS. It has a stylesheet that is loaded. This works fine until I enable my local IPFS node. Because my local IPFS node is insecure, the page fails to load the CSS file. These files are pinned on my gateway node, that is secure.

Everything works as long as I do not have my local node running. The easy solution is to paste the CSS code directly into the web HTML file. But that makes for a messy code. I also want to move lots of JS code to separate .js files that may have the same issue.

For many users, this is not a problem, but for users who are running their insecure nodes, it presents a problem.

Here is a page that works if it is not passing through your local IPFS node:

Any thoughts?

1 Like

I figured it out:

  href="IPFS URL">

You have to use openssl to generate the hash:

openssl dgst -sha384 -binary style.css | openssl base64 -A

1 Like

What is funny is because the files are in IPFS, the cross-origin integrity check is redundant :slight_smile:

1 Like