Well, to minimize the impact of this kind of security issue, the standard added the integrity key.

…th this code is that it was directly linked via a script tag from a CDN (Content Delivery Network). This means that at any given moment, you have no idea what is actually going to be running on your site. Browsers have become more secure, with in-built protections against things like cross-site scriptin…
Those Scary Stories About Polyfill.io? They’re Just the Beginning
773
10
Amy Blankenship
David Rodenas PhD
·Follow
Jul 11, 2024
--
Well, to minimize the impact of this kind of security issue, the standard added the integrity key. Example:
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js" integrity="sha512-bLT0Qm9VnAYZDflyKcBaQ2gg0hSYNQrJ8RilYldYQ1FxQYoCLtUjuuRuZo+fjqhx/qtq/1itJ0C2ejDxltZVFg==" crossorigin="anonymous"></script>
Yet, if someone hacks this server, your application stops working because the browser stops accepting the code. :/
--
--
Written by David Rodenas PhD
5.8K Followers
·349 Following
Passionate software engineer & storyteller. Sharing knowledge to advance our skills. Join me on a journey of discovery in the world of software engineering.
Responses (1)
Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams