For a little more detail about this:
https://markalanrichards.com/posts/2023-09-10-data-access-te...I wanted to explore the extent to which some significant UK websites include SRI of JavaScript assets.
Put together on a Sunday, needs work, curious about how best to check for CSP and whether I've missed other risks beyond just JavaScript not protected by SRI.
