From e83f3ebc66375b76844db6fa92b6515a37fc0f5d Mon Sep 17 00:00:00 2001
From: Michael Kolb <dev@goroot.de>
Date: Fri, 25 Oct 2024 10:38:37 +0200
Subject: [PATCH] Enabler to make scripts loaded from CDN more secure (#1127)

* added integrity property to load scripts

* fix contribution
---
 web/components/panel_html.ts | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/web/components/panel_html.ts b/web/components/panel_html.ts
index b409ddae..975153f5 100644
--- a/web/components/panel_html.ts
+++ b/web/components/panel_html.ts
@@ -90,9 +90,14 @@ function updateHeight() {
   }
 }
 
-function loadJsByUrl(url) {
+function loadJsByUrl(url,integrity=null) {
   const script = document.createElement("script");
   script.src = url;
+  if(integrity){
+    script.integrity=integrity;
+    script.crossorigin="anonymous";
+  }
+  
 
   return new Promise((resolve) => {
     script.onload = resolve;
@@ -104,4 +109,4 @@ function loadJsByUrl(url) {
 <body>
 
 </body>
-</html>`;
+</html>`;
\ No newline at end of file