
“https://code.jquery.com/jquery-3.3.1.min.js” is not eligible for integrity checks since it’s neither CORS-enabled nor same-origin

Open gebeer opened this issue 2 years ago • 1 comments

Describe the bug

After installing SnipWire, I get this error in the dev console on the frontend: “https://code.jquery.com/jquery-3.3.1.min.js” is not eligible for integrity checks since it’s neither CORS-enabled nor same-origin

To Reproduce

Steps to reproduce the behavior:

  1. install SnipWire
  2. open Frontpage
  3. open dev console and watch for errors

Expected behavior

jQuery loads from CDN without problems

Setup/Environment

Include relevant details about your environment setup.

  • ProcessWire version: 3.0.175
  • (Optional) PHP version: 7.4
  • (Optional) MySQL version: 5.7.35
  • (Optional) Any 3rd party modules that are installed and could be related to the issue: not relevant

Proposed Solution

Add the crossorigin="anonymous" attribute to the script tag which loads jQuery from CDN. The script tag should read:

            <script src="https://code.jquery.com/jquery-3.3.1.min.js" integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8=" crossorigin="anonymous"></script>

I have done this by changing https://github.com/gadgetto/SnipWire/blob/d13d46e2455cd9e1e228ed79cdf90e0c77ac8fe1/MarkupSnipWire/MarkupSnipWire.module.php#L207 to:

            $out .= (!empty($snipwireConfig->jquery_js_integrity) ? ' integrity="' . $snipwireConfig->jquery_js_integrity . '" crossorigin="anonymous"' : '');

Thank you for this great module!

gebeer, Dec 14 '21 02:12
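Added example, not part of the original issue and not SnipWire code: a small Node.js check that scans rendered markup for the condition reported above, a cross-origin `<script>` or `<link>` that carries an `integrity` hash but no `crossorigin` attribute. The function names, the page URL `https://shop.example/`, the local script path and the placeholder hash are assumptions made for the example; the jQuery URL and hash are the ones quoted in the issue.

```javascript
// Constructed sample markup: the tag without crossorigin, the tag with the
// proposed fix, and a same-origin script (SRI works there without CORS).
const SAMPLE_HTML = `
<script src="https://code.jquery.com/jquery-3.3.1.min.js"
        integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8="></script>
<script src="https://code.jquery.com/jquery-3.3.1.min.js"
        integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8="
        crossorigin="anonymous"></script>
<script src="/site/templates/app.js" integrity="sha256-PLACEHOLDER"></script>
`;

// Parse one tag's attributes into a lower-cased name -> value map.
// A bare attribute such as `crossorigin` is stored with an empty value.
function parseAttrs(tag) {
  const attrs = Object.create(null);
  const body = tag.replace(/^<\s*[a-z]+/i, '').replace(/\/?>$/, '');
  const re = /([^\s"'<>\/=]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  let m;
  while ((m = re.exec(body)) !== null) {
    attrs[m[1].toLowerCase()] = m[2] ?? m[3] ?? m[4] ?? '';
  }
  return attrs;
}

// Return every script/link tag whose integrity check cannot be performed:
// resource on another origin, integrity present, crossorigin absent.
function findSriWithoutCors(html, pageUrl) {
  const pageOrigin = new URL(pageUrl).origin;
  const findings = [];
  for (const [tag, name] of html.matchAll(/<(script|link)\b[^>]*>/gi)) {
    const attrs = parseAttrs(tag);
    const ref = name.toLowerCase() === 'script' ? attrs.src : attrs.href;
    if (!ref || !attrs.integrity) continue;
    let origin;
    try {
      origin = new URL(ref, pageUrl).origin; // resolves relative and // URLs
    } catch {
      continue; // not a parseable URL, nothing to compare
    }
    if (origin !== pageOrigin && !('crossorigin' in attrs)) {
      findings.push({ url: ref, integrity: attrs.integrity });
    }
  }
  return findings;
}

console.log(findSriWithoutCors(SAMPLE_HTML, 'https://shop.example/'));
```

The check only looks at markup; the CDN must also answer with an `Access-Control-Allow-Origin` header for the browser to run the integrity comparison.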

Thanks! I'll be fixing this with the next version.

gadgetto, Dec 14 '21 15:12