Revert Subresource Integrity pending a fix for Firefox's incorrect hashing implementation.revert-sri

3 files changed, 4 insertions, 5 deletions

diff --git a/CHANGELOG b/CHANGELOG
index 4a8188ea060..ef027eff045 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -7,7 +7,6 @@ v 8.10.0 (unreleased)
   - Fix MR-auto-close text added to description. !4836
   - Fix pagination when sorting by columns with lots of ties (like priority)
   - Exclude email check from the standard health check
-  - Implement Subresource Integrity for CSS and JavaScript assets. This prevents malicious assets from loading in the case of a CDN compromise.
   - Fix changing issue state columns in milestone view
   - Fix user creation with stronger minimum password requirements !4054 (nathan-pmt)
   - Add API endpoint for a group issues !4520 (mahcsig)
diff --git a/app/helpers/javascript_helper.rb b/app/helpers/javascript_helper.rb
index 5109356941d..0e456214d37 100644
--- a/app/helpers/javascript_helper.rb
+++ b/app/helpers/javascript_helper.rb
@@ -1,5 +1,5 @@
 module JavascriptHelper
   def page_specific_javascript_tag(js)
-    javascript_include_tag asset_path(js), { integrity: true, "data-turbolinks-track" => true }
+    javascript_include_tag asset_path(js), { "data-turbolinks-track" => true }
   end
 end
diff --git a/app/views/layouts/_head.html.haml b/app/views/layouts/_head.html.haml
index 2d020e9c222..757de92d6d4 100644
--- a/app/views/layouts/_head.html.haml
+++ b/app/views/layouts/_head.html.haml
@@ -25,10 +25,10 @@
 
   = favicon_link_tag 'favicon.ico'
 
-  = stylesheet_link_tag "application", media: "all", integrity: true
-  = stylesheet_link_tag "print",       media: "print", integrity: true
+  = stylesheet_link_tag "application", media: "all"
+  = stylesheet_link_tag "print",       media: "print"
 
-  = javascript_include_tag "application", integrity: true
+  = javascript_include_tag "application"
 
   - if content_for?(:page_specific_javascripts)
     = yield :page_specific_javascripts