Enable Subresource Integrity on Web

[dani-garcia]

🎟️ Tracking

📔 Objective

I've been looking into ways to allow users to verify the authenticity of the web vault, in a very similar way to https://github.com/tasn/webext-signed-pages

The first step for that is enabling SRI so all the scripts that we load from the index.html are cryptographically checked against their hash.

This is working locally for me but needs more testing, specially it would be important to make sure any CDNs that serve the web vault don't modify the files in any way, as they'd refuse to load.

📸 Screenshots

⏰ Reminders before review

• Contributor guidelines followed
• All formatters and local linters executed and passed
• Written new unit and / or integration tests where applicable
• Protected functional changes with optionality (feature flags)
• Used internationalization (i18n) for all UI strings
• CI builds passed
• Communicated to DevOps any deployment requirements
• Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

• 👍 (:+1:) or similar for great changes
• 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
• ❓ (:question:) for questions
• 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
• 🎨 (:art:) for suggestions / improvements
• ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
• 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
• ⛏ (:pick:) for minor or nitpick changes

[github-actions]

Checkmarx One – Scan Summary & Details – f998768c-3711-48e2-b147-cabb623762ae

Great job, no security vulnerabilities found in this Pull Request

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 35.10%. Comparing base (3f05a5e) to head (db40776).

✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main   #13055   +/-   ##
=======================================
  Coverage   35.10%   35.10%           
=======================================
  Files        3000     3000           
  Lines       91320    91320           
  Branches    17094    17094           
=======================================
  Hits        32062    32062           
  Misses      56754    56754           
  Partials     2504     2504           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.