Hacker News new | past | comments | ask | show | jobs | submit login

The site is AJAX so all files (HTML, JS) are static. I am perfectly fine copy-pasting the hashes manually each time I roll out the new version, like this file:

  file1.html 123112
  scripts/script1.js 333222
  scripts/script2.js 444555
The dynamic part of the site comes from a database, but there is no logic in it - only code, and thus possibility to inject malicious sctript, odd behavior or offensive visual through hacking the web site is vastly reduced by verifying hashes and alerting me about any changes.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: