Menu
Bootstrap Using integrity and crossorigin attributes on it's CDN sources like
<script src="https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/bootstrap.min.js" integrity="sha384-B0UglyR+jN6CkvvICOB2joaf5I4l3gm9GU6Hc1og6Ls7i6U/mkkaduKaBhlAXv9k" crossorigin="anonymous"></script>
now my question is if I want to use sources locally from my own hosted server do I still need those attributes or this will be good enough?
<link rel="stylesheet" href="../css/bootstrap.min.css">
<script src="../js/jquery-3.3.1.min.js"></script>
908
I believe the short answer is No.
According to Mozilla, Subresource Integrity is a security measure for CDNs in case it becomes compromised. It uses the hash to verify it is genuinely the CDN you requested.
Since they are local resources you are using, these attributes are not needed.
54
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
