0

I use a number of CDN links in my webapplication for javascript and CSS, e.g.: 

 <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.3/jquery.min.js"
        integrity="sha384-I6F5OKECLVtK/BL+8iSLDEHowSAfUo76ZL9+kGAgTRdiByINKJaqTPH/QVNS1VDb"
        crossorigin="anonymous"></script>

Usually everything works fine, but sometimes I get this message in Firebug console:

None of the "sha256" hashes in the integrity attribute match the content of the subresource.

If that happens, my javascript doesn't load and my application is broken. A simple refresh will resolve that. Rather than getting rid of the CDN links and hosting the files myself, I would like to fix this. Is this a common problem?

micksp
  • 123
  • 2
  • 15

2 Answers2

1

One possible explanation for this is if your system time is sufficiently off. I was running Debian in a VirtualBox instance. I hibernated the host machine a few times without touching the VM again. That's when I noticed certain Web pages weren't loading properly in Firefox within the VM. Once I got here it occurred to me to check the system time. Sure enough it was off by nearly 2 hours. ntp was not installed so I installed that package: sudo aptitude install ntp. I verified that the date/time was updated with date, and then tested Firefox again. The problematic Web pages (including this one) worked.

bambams
  • 745
  • 1
  • 8
  • 18
0

Make sure your network connection is working or if you have your browser set up to use Network Proxy that it too is working.

I was seeing this message as I was loading html locally (e.g., File -> Open File) on a browser where the integrity check would fail because I did not have the network proxy (via ssh tunnel) working at the time. As soon as I resolved my network connectivity, the page would load and these messages would go away (with the assumption, of course, that the integrity attribute values are correct.)

Stephen Gornick
  • 352
  • 2
  • 11