Making third-party hosted scripts safer with Subresource Integrity
Websites routinely include third-party hosted resources - images, scripts, stylesheets and so on. It's now a standard practice. One thing to keep in mind is that if your website includes a JavaScript script from another site (example.org):
technically speaking you’re relying on the security level of the script provider’s server example.org. In case example.org would start serving malicious content, your site including this content might …
Read more