Add attribute property to scripts from jsdelivr

Adding the integrity attribute protects the website (by refusing to load the script) against malicious modifications of the script in the case of jsdelivr gets hacked
2022-03-04 03:34:45 +00:00 · 2022-03-04 03:34:45 +00:00 · 58b2d1dda9
commit 58b2d1dda9
parent 1929b466c0
2 changed files with 2 additions and 2 deletions
--- a/layouts/partials/graph.html
+++ b/layouts/partials/graph.html
@ -1,4 +1,4 @@
-<script src="https://cdn.jsdelivr.net/npm/d3@6"></script>
+<script src="https://cdn.jsdelivr.net/npm/d3@6.7.0/dist/d3.min.js" integrity="sha256-+7jaYCp29O1JusNWHaYtgUn6EhuP0VaFuswhNV06MyI=" crossorigin="anonymous"></script>
 <h3>Interactive Graph</h3>
 <div id="graph-container"></div>
 <style>
--- a/layouts/partials/search.html
+++ b/layouts/partials/search.html
@ -5,6 +5,6 @@
        </div>
    </div>
 </div>
-<script defer src="https://cdn.jsdelivr.net/gh/nextapps-de/flexsearch@0.7.2/dist/flexsearch.bundle.js"></script>
+<script src="https://cdn.jsdelivr.net/npm/flexsearch@0.7.21/dist/flexsearch.bundle.js" integrity="sha256-i3A0NZGkhsKjVMzFxv3ksk0DZh3aXqu0l49Bbh0MdjE=" crossorigin="anonymous" defer></script>
 {{ $js := resources.Get "js/search.js" |  resources.Fingerprint "md5" | resources.Minify }}
 <script defer src="{{ $js.Permalink }}"></script>