Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to solve “resource requires the request to be CORS enabled… resource has been blocked because the integrity cannot be enforced” error

Tags:

cors

twitter-bootstrap

twitter-bootstrap-3

subresource-integrity

I am using bootstrap icons in my project which gives me error

Subresource Integrity: The resource 'http://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css' has an integrity attribute, but the resource requires the request to be CORS enabled to check the integrity, and it is not. The resource has been blocked because the integrity cannot be enforced.

Can any one help me to solve this issue and when we move to production the icon is not loaded.

So I am using below link for bootstrap icons

%link{:href => "http://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css", :integrity => "sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7", :rel => "stylesheet"}/
like image 882
Nikhil Thombare Avatar asked Feb 10 '16 18:02

Nikhil Thombare

2 Answers

I think you are missing crossorigin="anonymous".

<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7" crossorigin="anonymous">

When the request doesn't match Same Origin Policy the crossorigin attribute MUST be present for the integrity of the file to be checked. With an integrity set on an external origin and a missing crossorigin the browser will choose to 'fail-open' which means it will load the resource as if the integrity attribute was not set.

Source

like image 140
Schmalzy Avatar answered Oct 18 '22 02:10

Schmalzy

I was trying to insert jQuery into a page via the Chrome DevTools Console, and I was getting this error. Here's the code I was using:

// Bad code
let script = document.createElement('script');
script.src = 'https://code.jquery.com/jquery-3.2.1.min.js';
script.crossorigin = 'anonymous';
script.integrity = 'sha256-hwg4gsxgFZhOsEEamdOYGBf13FyQuiTwlAQgxVSNgt4=';
document.head.appendChild(script);

The solution was to change crossorigin to crossOrigin (uppercase O for Origin):

// Good code
let script = document.createElement('script');
script.src = 'https://code.jquery.com/jquery-3.2.1.min.js';
script.crossOrigin = 'anonymous';
script.integrity = 'sha256-hwg4gsxgFZhOsEEamdOYGBf13FyQuiTwlAQgxVSNgt4=';
document.head.appendChild(script);
like image 29
Kayce Basques Avatar answered Oct 18 '22 04:10

Kayce Basques
Sign in to Comment

Related questions

Make toastr alerts look like bootstrap alerts
Can I still use the 'title' attribute on Bootstrap popovers?
BootStrap : Uncaught TypeError: $(...).datetimepicker is not a function
How do you add Bootstrap buttons in Bootstrap Table
Anchor tag not displayed as button using twitter bootstrap
the tooltip in bootstrap doesn't work after ajax
The bootstrap "dropdown open" toggle does not work properly in development, but works in production
Rotating Glyphicons / Font Awesome in Bootstrap
React: Render new row every 4th column
Bootstrap .dropdown li background color
Show twitter bootstrap modal dialog automatically with knockout
Twitter Bootstrap 3 inline and horizontal form
Bootstrap Slider change value handler
Date format in Bootstrap datetimepicker
Cannot type (or even focus) in input type="text" while bootstrap modal is open
ng-bootstrap not working in angular 4
Twitter bootstrap: adding a class to the open accordion title
How to change placement of Twitter-Bootstrap tooltip placement after initialization?
Carousel indicators not showing up on white background on slides (custom style or class add)?
Bootstrap horizontal scrollable tab bar

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!