You are loading a script or stylesheet from a third-party CDN without verifying its contents. This is a security risk. If the CDN is ever compromised, an attacker could replace the file with malicious code. Subresource Integrity (SRI) is a browser feature that protects you from this by verifying the file's contents.
<script src="https://cdn.example.com/library.js"></script>Add an `integrity` attribute with a cryptographic hash of the file. The CDN provider will usually supply this hash. You also need to add the `crossorigin` attribute.
<script src="https://cdn.example.com/library.js" integrity="sha384-some-hash-value-provided-by-cdn" crossorigin="anonymous"></script>The browser will download the file and check if its hash matches the one in the `integrity` attribute. If it doesn't match, the browser will refuse to execute the file, protecting your site and users from a compromised CDN.
This issue can affect your site's search engine rankings and user experience. Addressing it promptly helps ensure optimal performance and visibility in search results.
Black SEO Analyzer automatically checks for this warning during site analysis, along with hundreds of other technical SEO issues.
Choose the license that fits your needs and start getting the deep, actionable insights you deserve.