[BUGFIX] Include CORS settings attribute when using integrity 09/50209/2
authorXavier Perseguers <xavier@typo3.org>
Wed, 12 Oct 2016 12:36:30 +0000 (14:36 +0200)
committerXavier Perseguers <xavier@typo3.org>
Thu, 13 Oct 2016 10:03:09 +0000 (12:03 +0200)
commit29d1b0a60c71b11612f8e17cf9f55b93c4488a18
treea45a0584eef67e4a68c5de5b8fee78159e9b77b6
parent04481f830ca0d55c152cb881daf0efcb88031413
[BUGFIX] Include CORS settings attribute when using integrity

For Subresource Integrity to work, the CDN must support
Cross-Origin Resource Sharing (CORS). The `crossorigin` attribute
enforces a CORS-enabled load. The anonymous value means that the
browser should omit any cookies or authentication that the user
may have associated with the domain. This prevents cross-origin
data leaks, and also makes the request smaller.

Change-Id: I13d1908c7d6e29686cbc27d7abe93c2c4bb7c340
Resolves: #78262
Releases: master, 7.6
Reviewed-on: https://review.typo3.org/50209
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Xavier Perseguers <xavier@typo3.org>
Tested-by: Xavier Perseguers <xavier@typo3.org>
typo3/sysext/core/Classes/Page/PageRenderer.php