You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Subressource Integrity is a standard feature of HTML, that lets us specify a hash when loading a ressource (say, a script, a CSS stylesheet, ...).
Currently, we are loading ressources from cdnjs.cloudflare.com without specifying their hash, so Cloudflare (or anyone successfully impersonating them) could inject evil content there.
This looks like it's an issue in mkdocs (or at least its default theme)
The text was updated successfully, but these errors were encountered:
Subressource Integrity is a standard feature of HTML, that lets us specify a hash when loading a ressource (say, a script, a CSS stylesheet, ...).
Currently, we are loading ressources from
cdnjs.cloudflare.comwithout specifying their hash, so Cloudflare (or anyone successfully impersonating them) could inject evil content there.This looks like it's an issue in mkdocs (or at least its default theme)
The text was updated successfully, but these errors were encountered: