re: Three Steps For Increasing The Security of Your Web Apps VIEW POST

TOP OF THREAD FULL DISCUSSION
re: Hi Jamie, Great post! I must admit I added an external script via js in a similar manner recently (it's not in production yet luckily, so granted ...
 

External scripts aren't really a big problem.

I would recommend that you have add it to your CSP, generate an SRI, and make sure that require SRI for is enabled in your CSP.

That way, if the external script ever changes then the browser won't even load it.

code of conduct - report abuse