46 lines
1021 B
Plaintext
46 lines
1021 B
Plaintext
include::../description.adoc[]
|
|
|
|
include::../ask-yourself.adoc[]
|
|
|
|
include::../recommended.adoc[]
|
|
|
|
== Sensitive Code Example
|
|
|
|
The following code sample uses neither integrity checks nor version pinning:
|
|
|
|
[source,javascript]
|
|
----
|
|
let script = document.createElement("script");
|
|
script.src = "https://cdn.example.com/latest/script.js"; // Sensitive
|
|
script.crossOrigin = "anonymous";
|
|
document.head.appendChild(script);
|
|
----
|
|
|
|
== Compliant Solution
|
|
|
|
[source,javascript]
|
|
----
|
|
let script = document.createElement("script");
|
|
script.src = "https://cdn.example.com/v5.3.6/script.js";
|
|
script.integrity = "sha384-oqVuAfXRKap7fdgcCY5uykM6+R9GqQ8K/uxy9rx7HNQlGYl1kPzQho1wx4JwY8wC";
|
|
script.crossOrigin = "anonymous";
|
|
document.head.appendChild(script);
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
endif::env-github,rspecator-view[]
|