Skip to main content

Remediation Steps

Follow the steps below to remediate this finding on Joomla.

  1. In your template's index.php, add integrity and crossorigin attributes to any third-party <script> or <link> tags that load external resources.

  2. For Joomla 4+, use the WebAssetManager to register assets with integrity hashes:

    $wa = $this->document->getWebAssetManager();
$wa->registerScript('mycdn', 'https://cdn.example.com/lib.js', ['integrity' => 'sha384-<hash>', 'crossorigin' => 'anonymous']);
Back to top