Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Subresource Integrity Problem
See original GitHub issueScreenshots
Version
Webchat CDN v.4.8.0
Describe the bug
I replaced webchat cdn urls v 4.7.1 in my project with the new webchat cdn urls with v 4.8.0 and they throw http status code 404 (Not Fount). Please see the screenshot above.
Code
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title></title>
<base href="./" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<link rel="icon" type="image/x-icon" href="favicon.ico" />
<link rel="stylesheet" href="https://use.typekit.net/fuc4zia.css" />
<script crossorigin="anonymous"
integrity="sha384-EAMohwVGPGHagMPKSsrNj19/AUPEveyotCJG2ZriygMOR7dujHk9iLMoKOeZiETX"
src="https://cdn.botframework.com/botframework-webchat/4.8.0/webchat.js"></script>
<script crossorigin="anonymous"
integrity="sha384-kBFopxfE3U3wq2fCUCdxNFihClv3I5jnxsQqqeShIPDs7wpWg9K8NSKUINSzPuJs"
src="https://cdn.botframework.com/botframework-webchat/4.8.0/webchat-es5.js"></script>
</head>
<body>
<app-root>Loading...</app-root>
</body>
</html>
Steps to reproduce
- On an existing webchat host project update CDN urls with v4.8.0
- Run the project and observe the http 404 errors under the browser console.
Expected behavior
Files should be available and we should not see http code 404.
[Bug]
Issue Analytics
- State:
- Created 4 years ago
- Comments:5 (3 by maintainers)
Top Results From Across the Web
Subresource Integrity - Web security | MDN
Subresource Integrity (SRI) is a security feature that enables browsers to verify that resources they fetch (for example, from a CDN) are ...
Read more >Securing Your Website With Subresource Integrity - CSS-Tricks
Solution: Subresource Integrity (SRI). SRI is a security policy that prevents the loading of resources that don't match an expected hash.
Read more >Understanding Subresource Integrity - Smashing Magazine
Subresource Integrity is a browser feature you can use to make sure that the code being used is exactly what you intended.
Read more >Subresource Integrity - W3C
Abstract. This specification defines a mechanism by which user agents may verify that a fetched resource has been delivered without ...
Read more >Subresource Integrity (SRI) Not Implemented - Invicti
Subresource Integrity (SRI) provides a mechanism to check integrity of the resource hosted by third parties like Content Delivery Networks (CDNs) and ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
4.8.0 is not on CDN yet. It will be released coming Monday noon.
Thus, the SRI for 4.8.0 is not working yet.
@arman-g thanks for being cutting edge.
Closing as resolved. @compulim thanks for jumping in xD