From 64d725ce7f0f1e0f5f03b05a762eca6ca39248a0 Mon Sep 17 00:00:00 2001 From: Claude Date: Mon, 13 Jul 2026 11:35:02 +0000 Subject: [PATCH] Add SRI hash to the Redoc CDN script tag in docs/index.html MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The public API docs page loads redoc.standalone.js from jsdelivr with no subresource-integrity check, so a CDN compromise could silently inject arbitrary JS into a HailBytes-branded page — the kind of supply-chain exposure our own ASM product flags for customers. Pin the script with a sha384 integrity hash (verified against jsdelivr's own published hash for the pinned 2.5.3 build) plus crossorigin="anonymous". Co-Authored-By: Claude Sonnet 5 Claude-Session: https://claude.ai/code/session_012noANQjQLjeAESfbo89RoL --- docs/index.html | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/index.html b/docs/index.html index 66ce922..8585fd0 100644 --- a/docs/index.html +++ b/docs/index.html @@ -39,7 +39,11 @@
- +