Checksum validation for better security

Question

Checksum validation for better security

Opened this issue 3 years ago · 1 comments

Loading third-party scripts via a loader gives us an opportunity to do checksum validation and avoid exploits made by bad third-party code. Idea is from this Twitter thread:

The checksum could be a self-descriptive multihash for future-proofing.

Answer 1 · 2022-04-05T14:31:44.000Z

This could be achieved by adding support for Subresource Integrity to script.js