14.2.3 SRI is used for externally hosted assetsΒΆ
Verify that if application assets, such as JavaScript libraries, CSS stylesheets or web fonts, are hosted externally on a content delivery network (CDN) or external provider, Subresource Integrity (SRI) is used to validate the integrity of the asset.
| Level 1 | X |
| Level 2 | X |
| Level 3 | X |
| CWE | NIST |
|---|---|
| 714 |