Subresource Integrity is a standard feature of HTML that lets us specify a hash when loading a resource (say, a script, a CSS stylesheet, ...).
Currently, we are loading resources from cdnjs.cloudflare.com without specifying their hash, so Cloudflare (or anyone successfully impersonating them) could inject evil content there.
This looks like it's an issue in mkdocs (or at least its default theme)