-
Wouldn't it be awesome to do something like this:
``` html
```
So basically, the syntax could be something like
```
http[s]://[library].min.js/[version]/
```
and that would be loading the code …
-
Loading third-party scripts via a loader gives us an opportunity to do checksum validation and avoid exploits made by bad third-party code. Idea is from [this Twitter thread](https://twitter.com/niles…
-
As a "non-expert" and someone trying to understand the specs, take a look at the example below which has both an inline script and a script resource which contain `alert('Hello, world.');`
```
alert…
-
-
I know this is very basic query and may be even naive one. But from the quote below which I read in the readme
> developers of the private messaging application Signal https://github.com/signalapp/…
-
The docker build file downloads Hadoop, Zookeeper, and Accumulo from Apache mirrors. It would be nice to directly download the expected checksums directly from Apache (using https) and verify the fil…
-
scriptタグにintegrity属性を指定してサブリソース完全性の保証を促すようにします。
konawiki2/3とnako3storageにて
https://developer.mozilla.org/ja/docs/Web/Security/Subresource_Integrity
-
### [REQUIRED] Describe your environment
* Operating System version: macOS 10.13.3
* Firebase SDK version: 4.8.1
* Firebase Product: N/A (auth, database, storage, etc)
### …
-
Hi,
This is part feature request, part security. [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) is encouraged on CDN files. On [Getting Started…
-
https://medium.com/@markus.sabadello/json-ld-vcs-are-not-just-json-4488d279be43 by @peacekeeper points out that if someone signs the bytes of a JSON-LD document, the recipient of that signature can't …