Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use SRI on any CDN scripts #1628

Open
jasongrout opened this issue Aug 14, 2017 · 3 comments
Open

Use SRI on any CDN scripts #1628

jasongrout opened this issue Aug 14, 2017 · 3 comments
Milestone
Future

Comments

@jasongrout
Copy link
Member

See https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity for an example.
@jasongrout jasongrout added this to the 7.0 milestone Aug 14, 2017
@jasongrout
Copy link
Member Author

See also #1627.

@jasongrout
Copy link
Member Author

I did the crossorigin part in #1635. I think we'll punt SRI to after the release.

@jasongrout jasongrout modified the milestones: Future, 7.0 Aug 15, 2017
@jasongrout jasongrout changed the title Use SRI and the crossorigin attribute on any CDN scripts Use SRI on any CDN scripts Sep 5, 2017
@jasongrout
Copy link
Member Author

Note that using SRI directly conflicts with getting the latest patch release of the script from the CDN.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Future
Development

No branches or pull requests
1 participant
@jasongrout