#subresourceintegrity — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #subresourceintegrity, aggregated by home.social.
-
If you're still using polyfill.io you probably want to replace/remove it IMMEDIATELY. The domain has been sold and the new owners are injecting #malware (1).
If you absolutely have to use externally hosted #JavaScript and #CSS, it's a good idea to secure it with #SubresourceIntegrity (2). It's supported by most old browsers you're probably polyfilling for.
(1) https://polykill.io/
(2) https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity