Integrity management for external js

bin/acoeur.conf

@@ -7,7 +7,7 @@
 
   <Directory /var/simpleWeb/apps/acoeur/*>
     AuthUserFile /home/manu/Adata/.htaccessPasswords
-    AuthName "Quiz d'A Livr'Ouvert"
+    AuthName "Moteur acoeur"
     AuthType Basic
     Require user mag manu amelie tiffany
   </Directory>
@@ -32,7 +32,8 @@
 
   CustomLog /var/simpleWeb/log/apache/acoeur.log combined
 
-	Header always set Access-Control-Allow-Origin "cdnjs.cloudflare.com"
+  # Some level of protection against attacks
+  Header always set Access-Control-Allow-Origin "https://cdn.jsdelivr.net"
 </VirtualHost>
 
 <VirtualHost *:80>

themes/acoeur/layouts/partials/head-additions.html

@@ -1,14 +1,14 @@
 <script>const file = '{{ .File }}'</script>
 
 <script defer
-				src="https://cdnjs.cloudflare.com/ajax/libs/tinymce/6.4.2/tinymce.min.js"
+	src="https://cdn.jsdelivr.net/npm/tinymce@6.4.2/tinymce.min.js"
-				integrity="sha512-sWydClczl0KPyMWlARx1JaxJo2upoMYb9oh5IHwudGfICJ/8qaCyqhNTP5aa9Xx0aCRBwh71eZchgz0a4unoyQ==">
+	integrity="sha256-IkzPrE0TvQ1UKCWBCCRVNpDBU3CxMyQE6yLepGnV1sA="
-</script>
+	crossorigin="anonymous"></script>
 
 <script defer
 	src="https://cdn.jsdelivr.net/npm/easyqrcodejs@4.4.13/dist/easy.qrcode.min.js"
-				integrity="sha256-ysnj5Mp9adRzpXyhbGW2YTdUSpdapignH3Z57bMq6G8=">
+	integrity="sha256-ysnj5Mp9adRzpXyhbGW2YTdUSpdapignH3Z57bMq6G8="
-</script>
+	crossorigin="anonymous"></script>
 
 {{ with resources.Get "js/misc.js" | minify | fingerprint }}
 <script defer src="{{ .Permalink }}"></script>
@@ -41,3 +41,8 @@
 {{ with resources.Get "js/prettify.js" | minify | fingerprint }}
 <script defer src="{{ .Permalink }}"></script>
 {{ end }}
+
+<link rel="stylesheet"
+	href="https://cdn.jsdelivr.net/npm/tinymce@6.4.2/skins/ui/oxide/content.min.css"
+	integrity="sha256-ml3zmaOLzm/5Si2U6xuyLoBd9Vb+ltL2pBwZuz3hBxU="
+	crossorigin="anonymous">