Subresource Integrity (SRI) / CORS (crossorigin) for jQuery causing Safari errors

Follow
Avatar
Forrest O.

I'm working on webflow.com, which uses jQuery for some basic menu dropdowns. We've noticed that in Safari, Cookiebot can cause the library to fail loading. Sometimes, not always.

<script src="https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.4.1.min.220afd743d.js" type="text/javascript" integrity="sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo=" crossorigin="anonymous">

The errors:

  • [Error] Origin https://x.webflow.io is not allowed by Access-Control-Allow-Origin.
  • [Error] Failed to load resource: Origin https://x.webflow.io is not allowed by Access-Control-Allow-Origin. (jquery-3.4.1.min.220afd743d.js, line 0)
  • [Error] Cross-origin script load denied by Cross-Origin Resource Sharing policy.

Is there any way to whitelist this script on the Cookiebot side? We can't change the jQuery script tag.

0

Comments

1 comment

Sort by Date Votes
  • Avatar
    Spas – vConnect – Community Supporter

    Hi Forrest O.

    From the above described information I think that this is most likely a security issue caused by the crossorigin attribute.
    However, I could not see how Cookiebot should have anything to do with this and block jQuery by preventing the script from loading. Could you please send us an example URL where we can see the problem and further in order to find out what might went wrong and help you solve the issue afterwards. 
    You could post the URL in question here or send it to support@cookiebot.com 

    Regards,
    Spas

     

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post