Skip to content

Troubleshooting: Integrity Issues with Local Files #41388

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
3 tasks done
hrazhdari opened this issue Apr 16, 2025 · 1 comment
Open
3 tasks done

Troubleshooting: Integrity Issues with Local Files #41388

hrazhdari opened this issue Apr 16, 2025 · 1 comment
Labels
docs enhancement

Comments

@hrazhdari
Copy link

hrazhdari commented Apr 16, 2025
edited by julien-deramond
Loading

Prerequisites

Describe the issue

Troubleshooting: Integrity Issues with Local Files

When using Bootstrap locally, you may encounter issues with the integrity attribute in <script> or <link> tags. This is because integrity checks the hash of the file to ensure its integrity. However, when you're using local files (i.e., files stored on your own server or filesystem), the integrity hash may not match, and the file may fail to load.

Solution:

To avoid this issue, simply remove the integrity attribute from the <script> or <link> tags when loading Bootstrap locally. The integrity attribute is primarily useful when loading files from a CDN, not for local development.

For example, instead of:

<script src="path/to/bootstrap.bundle.min.js" integrity="sha384-..." crossorigin="anonymous"></script>
👍 use 
<script src="path/to/bootstrap.bundle.min.js"></script>

Reduced test cases

<script src="path/to/bootstrap.bundle.min.js"></script>

What operating system(s) are you seeing the problem on?

Windows

What browser(s) are you seeing the problem on?

No response

What version of Bootstrap are you using?

all
@hrazhdari hrazhdari mentioned this issue Apr 19, 2025
Closed
@julien-deramond julien-deramond moved this from To do to To analyze in v5.3.6 Apr 20, 2025
@github-project-automation github-project-automation bot moved this to To do in v5.3.6 Apr 20, 2025
@julien-deramond julien-deramond moved this to To analyze in v5.3.7 May 5, 2025
@julien-deramond julien-deramond removed this from v5.3.6 May 5, 2025
@Baiyan1101
Copy link

Hi, Thank you for raising this question! The failure of integrity verification for local files is indeed a common pain point, especially in development/offline scenarios. Based on the discussion, add a few suggestions: I notice that in the solution you simply remove the integrity attribute in or tags. However, this operation will inevitably affect security unless the local files are fully trusted. Therefore, I think it is necessary to first clarify the precautions for local use in the documentation, such as: "Using local files? Remove integrity or generate a new hash via openssl dgst sha384 basic FILE | openssl base64-A", and provide a script (such as gen integration.js) in the bootstrap/build directory to help developers generate the correct hash value for local files. Let me know if you'd like to submit this as a PR!

@julien-deramond julien-deramond removed this from v5.3.7 May 24, 2025
@julien-deramond julien-deramond moved this to To analyze in v5.4.0 May 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
docs enhancement
Projects
v5.4.0
Status: To analyze
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

docs: add note about integrity attribute when using local Bootstrap files hrazhdari/bootstrap
3 participants
@julien-deramond @hrazhdari @Baiyan1101