hops-examples icon indicating copy to clipboard operation
hops-examples copied to clipboard

Published 20 hours ago verified publisher icon logicalclocks

Script Integrity Attribute Not Implemented

Open berthoug opened this issue 4 years ago • 0 comments

Reported by the penetration testing:

A script tag with content from another domain is not using an integrity attribute.

<script type="text/javascript" async="" src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.2/MathJax.js?config=TeX-MML-AM_CHTML">
</script>

We should do like https://github.com/logicalclocks/hops-examples/blob/495815706bf1f66867fccf28e96b20c5f622579c/themes/berbera/layouts/_default/baseof.html#L84 and maybe also use the same version everywhere.

berthoug avatar Sep 16 '21 11:09 berthoug