搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

了解更多

None of the "sha256" hashes in the integrity attribute match the content of the subresource

  • 2 回覆
  • 1 有這個問題
  • 1 次檢視
  • 最近回覆由 igorw

more options

We created a web site that uses resources from cdnjs. This site has been live for a couple of months but we have sporadic issues with resources from this CDN and FireFox.

  • The error in the console for each script/style CDN resource is: None of the "sha256" hashes in the integrity attribute match the content of the subresource.
  • The error message in the network tab for each resource is: The connection used to fetch this resource was not secure

Resources that I have had issues with include these elements (as they appear in our web page):

Steps to reproduce

You can reproduce the problem with one of the above URLs and place it directly in the URL of the FireFox browser. The resource should load in the browser window but after pressing CTRL+F5 at least one time (could be up to 5 times) an error will appear. I can duplicate this from multiple PCs although we are located in the Netherlands so maybe a timing issue or something? This does not happen with any other resources from other CDNs that we are using like (we use integrity checks with these as well):

My environment:

  • Windows 10 Pro 64bit patched to latest
  • FireFox 60.0.1 (64-bit)

My question

Is this an issue that is specific to cdnjs and they must resolve this or is this an issue with FireFox or is this an issue with how we are requesting the resource? Is there anything else that we can do to get the ball rolling on fixing this (depending on the actual source of the problem)?

As a side note we also test our software on Google Chrome, MS Internet Explorer, MS Internet Explorer 11, MS Edge, and Opera and we have

Thank you in advance!

-Igor

We created a web site that uses resources from [https://cdnjs.com/ cdnjs]. This site has been live for a couple of months but we have sporadic issues with resources from this CDN and FireFox. * The error in the console for each script/style CDN resource is: '''None of the "sha256" hashes in the integrity attribute match the content of the subresource.''' * The error message in the network tab for each resource is: '''The connection used to fetch this resource was not secure''' Resources that I have had issues with include these elements (as they appear in our web page): * <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap3-dialog/1.35.4/css/bootstrap-dialog.min.css" integrity="sha256-wstTM1F5dOf7cgnlRHIW3bmoRAAGh6jL7tMIvqTuFZE=" crossorigin="anonymous" /> * <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datetimepicker/4.17.47/css/bootstrap-datetimepicker.min.css" integrity="sha256-yMjaV542P+q1RnH6XByCPDfUFhmOafWbeLPmqKh11zo=" crossorigin="anonymous" /> * <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/jqtree/1.4.4/jqtree.min.css" integrity="sha256-ymsp1QFcwiJbIgAoSOkMtqe4GFczZH1KjXLq6y5f+QY=" crossorigin="anonymous" /> * <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css" integrity="sha384-wvfXpqpZZVQGK6TAh5PVlGOfQNHSoD2xbE+QkPxCAFlNEevoEH3Sl0sibVcOQVnN" crossorigin="anonymous" /> * <script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap3-dialog/1.35.4/js/bootstrap-dialog.min.js" integrity="sha256-IpgnbT7iaNM6j9WjtXKI8VMJ272WM9VvFYkZdu1umOA=" crossorigin="anonymous"></script> * <script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.15.2/moment-with-locales.min.js" integrity="sha256-K+AZsAFjiBd4piqBmFzaxDsiQiHfREubm1ExNGW1JIA=" crossorigin="anonymous"></script> '''Steps to reproduce''' You can reproduce the problem with one of the above URLs and place it directly in the URL of the FireFox browser. The resource should load in the browser window but after pressing ''CTRL+F5'' at least one time (could be up to 5 times) an error will appear. I can duplicate this from multiple PCs although we are located in the Netherlands so maybe a timing issue or something? This does not happen with any other resources from other CDNs that we are using like (we use integrity checks with these as well): * <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script> * <script src="https://code.jquery.com/jquery-3.3.1.min.js" integrity="sha256-FgpCb/KJQlLNfOu91ta32o/NMZxltwRo8QtmkMRdAu8=" crossorigin="anonymous"></script> My environment: * Windows 10 Pro 64bit patched to latest * FireFox 60.0.1 (64-bit) ''My question'' Is this an issue that is specific to [https://cdnjs.com/ cdnjs] and they must resolve this or is this an issue with FireFox or is this an issue with how we are requesting the resource? Is there anything else that we can do to get the ball rolling on fixing this (depending on the actual source of the problem)? As a side note we also test our software on Google Chrome, MS Internet Explorer, MS Internet Explorer 11, MS Edge, and Opera and we have Thank you in advance! -Igor

由 igorw 於 修改

被選擇的解決方法

@Pkshadow - Thank you for your suggestion. I have created a post on Stack Overflow. As per your recommendation I will mark this question as closed.

從原來的回覆中察看解決方案 👍 0

所有回覆 (2)

more options

Hi, this is some what beyond what Firefox Support Volunteers do.

If you have a bug, file a bug report.

Bug Writing Guidelines :

Also info :

and

Since mozilla.org and some other URL's download a Stub Installer that maybe the issue you are having. Try full version installers :

Please let us know if this solved your issue or if need further assistance.

more options

選擇的解決方法

@Pkshadow - Thank you for your suggestion. I have created a post on Stack Overflow. As per your recommendation I will mark this question as closed.