Script Integrity Attribute should be added to | Webflow Wishlist

Script Integrity Attribute should be added to loaded scripts

JavaScript files loaded from another domain should be verified using the integrity attribute.

If the contents loaded from another domain is not verified the browser will execute the contents without verifying with a correct hash.

Farid Bonawiede
Jun 8 2021
Reviewed

Other

Comments (1)
Votes (6)

Post comment

Christian MOLINARI commented

September 26, 2023 16:27
I don't know if this task was not completed because of the low number of votes, but it would be nice if it were taken into consideration.
My customers ask me for regular security reports, my webflow site passes them at 99% it only needs this fix to pass at 100%.
De mon coté cela concerne tous les fichiers js suivant :
```
<script src="https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js" type="text/javascript"></script>
```
```
<script src="https://uploads-ssl.webflow.com/604637265ff6af53a0a489ea/js/webflow.b1dac7f20.js" type="text/javascript"></script>
```
Although the second must change with each deployment, I assume.
×
Attachments Open full size