Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Remove integrity check for the locally served .js scripts #doc
From https://securityheaders.com/?q=https%3A%2F%2Fox-hugo.scripter.co&followRedirects=on, it's not advisable to enable CORS for non-public CDN. > Access-Control-Allow-Origin This is a very lax CORS policy. Such a policy should only be used on a public CDN.
- Loading branch information