CORS and subresource integrity checking

Hi there,

We’ve recently had to remove New relic due to a CORS issue that was flagged up during a PEN test. The PEN Test highlighted a javascript example that turned out to be related to New Relic, we were unable to find a satisfactory method to implement Subresource Integrity that was suggestd so we had to remove the New Relic Javascript from our server.

Just wondering if there are any suggested ways around this issue?

Hey @madeopen!

Implementing Subresource Integrity is a Feature Idea some of our other customers have requested. If you’d like to check it out and add your vote to the thread. The Product Team is paying attention to that. You can do so here: Feature Idea: Add SRI support to NewRelic Browser integration

If you have not tried enabling CORS and would like to see if that helps, I can point you in the right direction:

If enabling CORS doesn’t help, and the Feature Idea isn’t what you’re looking for, you’re welcome to share a screenshot of the issue you’re seeing, and any other information that might give us a little more insight.