Some more disallowed attributes

BYOND Forums

Announcements · BYOND Help · Bug Reports · Feature Requests · Beta Testers · Beta Bugs · Developer Help · Design Philosophy · Demos & Libraries · Tutorials & Snippets · Art & Sound · Classified Ads · Game Updates · Contests & Events · Linux Talk · On Topic · Off Topic

ID:1984328

Nov 17 2015, 10:42 am

NullQuery

Applies to:

Webclient

Status:

Open

Issue hasn't been assigned a status value.

Removing disallowed attribute <LINK crossorigin="anonymous">
Removing disallowed attribute <LINK integrity="sha384-aUGj/X2zp5rLCbBxumKTCw2Z50WgIr1vs/ PFN4praOTvYXWlVyh2UtNUU0KAUhAX">
Removing disallowed attribute <LINK crossorigin="anonymous">
Removing disallowed attribute <LINK integrity="sha512-dTfge/ zgoMYpP7QbHy4gWMEGsbsdZeCXz7irItjcC3sPUFtf0kuFbDz/ ixG7ArTxmDjLXDmezHubeNikyKGVyQ==">

Apparently "crossorigin" is used to send a CORS request to fetch the resource, which would permit the resource being accessed by local JavaScript.

The "integrity" parameter is used to verify if the received content is correct, to prevent man-in-the-middle attacks if someone hacks the CDN.

Dec 7 2015, 4:44 pm
NullQuery	?

Dec 7 2015, 5:22 pm
Lummox JR	I think I forgot to get this change in 1315, but I'll get to it.