mazen160/bfac

Deploy Subresource Integrity

EdOverflow opened this issue · 1 comments

With SRI deployed, remote resources can be used safely, without fear of them being modified by malicious parties. BFAC's website contains remote resources that are under the control of third parties.

This is how it can be implemented:

```html
<script src="file.js" integrity="sha384-hash" crossorigin="anonymous"></script>
<link href="file.css" rel="stylesheet" integrity="sha384-hash" crossorigin="anonymous">
```

Here are two ways one can generate SRI hashes manually:

- Using https://www.srihash.org/.
- Using OpenSSL: `openssl dgst -sha384 -binary FILENAME | openssl base64 -A`
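
Added example, not part of the original issue or of the BFAC project: a Python sketch that produces the same value as the OpenSSL command above and checks content against an `integrity` attribute using the SRI matching rules (only the strongest listed algorithm counts, and an attribute with no recognized hash is not enforced). The function names and sample bytes are assumptions made for illustration.

```python
import base64
import hashlib

# Hash algorithms defined for SRI, ranked weakest to strongest.
STRENGTH = {"sha256": 1, "sha384": 2, "sha512": 3}


def sri_hash(data: bytes, alg: str = "sha384") -> str:
    """Equivalent of: openssl dgst -sha384 -binary FILE | openssl base64 -A"""
    if alg not in STRENGTH:
        raise ValueError(f"unsupported SRI algorithm: {alg}")
    digest = hashlib.new(alg, data).digest()
    return f"{alg}-{base64.b64encode(digest).decode('ascii')}"


def verify_integrity(data: bytes, integrity: str) -> bool:
    """Check data against an integrity attribute value.

    Unknown tokens are skipped, only hashes of the strongest listed
    algorithm are considered, and any one of them matching is enough.
    """
    parsed = []
    for token in integrity.split():
        alg, sep, rest = token.partition("-")
        if sep and alg in STRENGTH:
            parsed.append((alg, rest.split("?", 1)[0]))  # drop ?options
    if not parsed:
        # No usable metadata: the resource loads unchecked, so a typo such
        # as "sha-384-..." silently disables the protection.
        return True
    strongest = max(parsed, key=lambda p: STRENGTH[p[0]])[0]
    actual = sri_hash(data, strongest).split("-", 1)[1]
    return any(value == actual for alg, value in parsed if alg == strongest)


def script_tag(src: str, data: bytes) -> str:
    """Build a <script> tag pinned to the given content."""
    return (f'<script src="{src}" integrity="{sri_hash(data)}" '
            'crossorigin="anonymous"></script>')


if __name__ == "__main__":
    # Constructed sample bytes standing in for a third-party file.
    pinned = b"console.log('hello');\n"
    changed = b"console.log('changed');\n"
    print(script_tag("file.js", pinned))
    print("pinned content ok: ", verify_integrity(pinned, sri_hash(pinned)))
    print("changed content ok:", verify_integrity(changed, sri_hash(pinned)))
```

Running the check in CI against the pinned hashes shows when a third-party file has changed before a browser starts refusing to load it.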

Working on the website will be delayed as discussed on Twitter DM. Thanks @EdOverflow!