Closed MariusE closed 2 months ago
In your example template, you load code from polyfill io: https://github.com/openlayers/ol-mapbox-style/blob/main/examples/_template.html#L21
This Domain/CDN has a new owner, who now uses those scripts for Supply-Chain-Attacks: https://sansec.io/research/polyfill-supply-chain-attack
Because the examples are part of the distributed package, security tools mark these files as security risc.
Please use a different service to load your code from!
Thanks :)
Fixed with #1169.
ahocevar
commented
2 months ago ahocevar
commented
2 months ago
In your example template, you load code from polyfill io: https://github.com/openlayers/ol-mapbox-style/blob/main/examples/_template.html#L21
This Domain/CDN has a new owner, who now uses those scripts for Supply-Chain-Attacks: https://sansec.io/research/polyfill-supply-chain-attack
Because the examples are part of the distributed package, security tools mark these files as security risc.
Please use a different service to load your code from!
Thanks :)