Revert #301 Add SRI

This is a manual revert, as the PR could not be reverted automatically.
We're reverting this PR because there is a bug in the SRI implementation
of Firefox versions upto 52 which at time of writing accounts for 0.7% of
total traffic (~315k users).  We still want to implement SRI, but for now
we're holding off until we'd impact fewer users.

CHANGELOG.md

@@ -1,3 +1,7 @@
+# Development
+
+- Revert SRI to avoid breaking the site for Firefox users on versions less than 52 [PR #308](https://github.com/alphagov/govuk_template/pull/301)
+
 # 0.21.0
 
 - Adds SRI to js and css assets ([PR #301](https://github.com/alphagov/govuk_template/pull/301)). This requires `sprockets-rails` >= 3.0 in the projects using this gem.

build_tools/compiler/template_processor.rb

@@ -1,10 +1,7 @@
 require 'erb'
-require 'active_support/core_ext/hash'
-require 'active_support/core_ext/array'
 
 module Compiler
   class TemplateProcessor
-
     def initialize(file)
       @file = file
       @is_stylesheet = !!(file =~ /\.css\.erb\z/)
@@ -41,53 +38,5 @@ def asset_path(file, options={})
     def method_missing(name, *args)
       puts "#{name} #{args.inspect}"
     end
-
-    def stylesheet_link_tag(*sources)
-      options = exclude_sri_fields(sources.extract_options!)
-      sources.uniq.map { |source|
-        link_options = {
-            "rel" => "stylesheet",
-            "media" => "screen",
-            "href" => asset_path(source)
-        }.merge!(options)
-        tag(:link, tag_options(link_options))
-      }.join("\n")
-    end
-
-    def javascript_include_tag(*sources)
-      options = exclude_sri_fields(sources.extract_options!)
-      sources.uniq.map { |source|
-        script_options = {
-            "src" => asset_path(source)
-        }.merge!(options)
-        content_tag(:script, tag_options(script_options))
-      }.join("\n")
-    end
-
-    def exclude_sri_fields(options)
-      options.stringify_keys.except("integrity", "crossorigin")
-    end
-
-    def content_tag(name, options = nil)
-      "<#{name}#{options}></#{name}>"
-    end
-
-    def tag(name, options)
-      "<#{name}#{options}/>"
-    end
-
-    def tag_options(options)
-      return if options.empty?
-      output = "".dup
-      sep    = " "
-      options.each_pair do |key, value|
-        if !value.nil?
-          output << sep
-          output << %(#{key}="#{value}")
-        end
-      end
-      output unless output.empty?
-    end
-
   end
 end

docs/using-with-rails.md

@@ -38,20 +38,3 @@ Or to add content to `<head>`, for stylesheets or similar:
 ```
 
 Check out the [full list of blocks](template-blocks.md) you can use to customise the template.
-
-## SRI 
-
-`govuk_template` >= 20.0.0 can be used together with `sprockets-rails` >= 3.0.0 in order to make use of the SRI 
-
-You can read more about SRI [here](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity).
-
-SRI will add an `integrity` attribute on your script tags:
-
-`<script src="https://example.com/example.css" 
-integrity="sha384oqVuAfXRKap7fdgcCY5uykM6+R9GqQ8K/uxy9rx7HNQlGYl1kPzQho1wx4JwY8w" 
-crossorigin="anonymous"></script>`
-
-The example above is generated automatically by sprockets-rails in your project if the integrity option is set to true:
-
-`<%= stylesheet_script_tag 'example', integrity: true %>`
-

source/views/layouts/govuk_template.html.erb

@@ -6,16 +6,15 @@
     <meta charset="utf-8" />
     <title><%= content_for?(:page_title) ? yield(:page_title) : "GOV.UK - The best place to find government services and information" %></title>
 
-    <!--[if gt IE 8]><!--><%= stylesheet_link_tag "govuk-template.css", integrity: true, crossorigin: "anonymous" %><!--<![endif]-->
+    <!--[if gt IE 8]><!--><link href="<%= asset_path "govuk-template.css" %>" media="screen" rel="stylesheet" /><!--<![endif]-->
     <!--[if IE 6]><link href="<%= asset_path "govuk-template-ie6.css" %>" media="screen" rel="stylesheet" /><![endif]-->
     <!--[if IE 7]><link href="<%= asset_path "govuk-template-ie7.css" %>" media="screen" rel="stylesheet" /><![endif]-->
     <!--[if IE 8]><link href="<%= asset_path "govuk-template-ie8.css" %>" media="screen" rel="stylesheet" /><![endif]-->
-    <%= stylesheet_link_tag "govuk-template-print.css", media: "print", integrity: true, crossorigin: "anonymous" %>
+    <link href="<%= asset_path "govuk-template-print.css" %>" media="print" rel="stylesheet" />
 
     <!--[if IE 8]><link href="<%= asset_path "fonts-ie8.css" %>" media="all" rel="stylesheet" /><![endif]-->
-    <!--[if gte IE 9]><!--><%= stylesheet_link_tag "fonts.css", media: "all", integrity: true, crossorigin: "anonymous" %><!--<![endif]-->
-    <!--[if gte IE 9]><!--><%= stylesheet_link_tag "fonts.css", media: "all", integrity: true, crossorigin: "anonymous" %><!--<![endif]-->
-    <!--[if lt IE 9]><%= javascript_include_tag "ie.js", integrity: true, crossorigin: "anonymous" %><![endif]-->
+    <!--[if gte IE 9]><!--><link href="<%= asset_path "fonts.css" %>" media="all" rel="stylesheet" /><!--<![endif]-->
+    <!--[if lt IE 9]><script src="<% asset_path "ie.js" %>"></script><![endif]-->
 
     <link rel="shortcut icon" href="<%= asset_path 'favicon.ico' %>" type="image/x-icon" />
     <%# the colour used for mask-icon is the standard palette $black from

spec/build_tools/compiler/django_processor_spec.rb

@@ -26,8 +26,6 @@ def valid_sections
   let(:file) {"some/file.erb"}
   subject {described_class.new(file)}
 
-  it_behaves_like "a processor"
-
   describe "#handle_yield" do
     valid_sections.each do |key, content|
       it "should render #{content} for #{key}" do

spec/build_tools/compiler/ejs_processor_spec.rb

@@ -23,8 +23,6 @@ def valid_sections
   let(:file) {"some/file.erb"}
   subject {described_class.new(file)}
 
-  it_behaves_like "a processor"
-
   describe "#handle_yield" do
     valid_sections.each do |key, content|
       it "should render #{content} for #{key}" do

spec/build_tools/compiler/jinja_processor_spec.rb

@@ -27,8 +27,6 @@ def valid_sections
   let(:file) {"some/file.erb"}
   subject {described_class.new(file)}
 
-  it_behaves_like "a processor"
-
   describe "#handle_yield" do
     valid_sections.each do |key, content|
       it "should render #{content} for #{key}" do

spec/build_tools/compiler/mustache_processor_spec.rb

@@ -22,8 +22,6 @@ def valid_sections
   let(:file) {"some/file.erb"}
   subject {described_class.new(file)}
 
-  it_behaves_like "a processor"
-
   describe "#handle_yield" do
     valid_sections.each do |key, content|
       it "should render #{content} for #{key}" do

spec/build_tools/compiler/play_processor_spec.rb

@@ -34,8 +34,6 @@ def expected_parameter_names
 describe Compiler::PlayProcessor do
   subject { described_class.new("dummy filename") }
 
-  it_behaves_like "a processor"
-
   describe "top_of_page" do
     it "declares all of the template parameters" do
       expected_parameter_names.each do |parameter_name|

spec/support/uses_of_yield.rb

@@ -32,12 +32,6 @@ def asset_path(*args)
   def method_missing(name, *args)
     puts "#{name} #{args.inspect}"
   end
-
-  def stylesheet_link_tag(*sources)
-  end
-
-  def javascript_include_tag(*sources)
-  end
 end
 
 # return an array of unique values passed to yield in the templates