Some websites reject local resource injections
Created by: Mitame
Some websites will refuse to load the injected resources when they don't have the access-control-allow-origin
. One example is this website https://www.yourvotematters.co.uk/faq/voting-by-post
Console output:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://code.jquery.com/jquery-1.9.1.min.js. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
None of the “sha256” hashes in the integrity attribute match the content of the subresource. voting-by-post
Error: Bootstrap's JavaScript requires jQuery bootstrap.min.js:6:37
Error: Bootstrap's JavaScript requires jQuery plugins.min.js:65:41
ReferenceError: jQuery is not defined[Learn More] typeahead.bundle.min.js:7:164
ReferenceError: $ is not defined[Learn More] global.min.js:45:1
Easiest way to fix this (I would imagine) is to just add the header ‘Access-Control-Allow-Origin: *’ in all injections but not looked at anything.