Developer Announcements

jmclaren
HubSpot Employee
HubSpot Employee

Sites using polyfill.io on HubSpot were rewritten to use Cloudflare's version

This is a reposting from the developer changelog. If there are any text differences between this copy and the original on the changelog the changelog is the source of truth.
--

URLs for a popular polyfill service (polyfill.io) began serving malicious code after years of serving safe polyfill scripts. Web developers use polyfills to add backward compatibility for newer browser APIs. None of HubSpot's default assets use polyfill.io hosted scripts. Developers building themes, templates, and modules on HubSpot can, at their discretion, include scripts from external domains. Developers may have included polyfills from polyfill.io this way. 

We protected all HubSpot hosted sites by rewriting all URLs for polyfill.io to use Cloudflare's safe original version of the polyfills to help all of our customers, developers, and partners, who've used polyfill.io hosted scripts. Along with eliminating the malicious code, this ensures that backward compatibility efforts made by developers are still operational.

There is no action needed from customers, partners, or developers using HubSpot.

When is it happening?

This change went into effect on July 15, 2024.

Jon McLaren

Sr. CMS Developer Advocate

Get started developing on the HubSpot CMS Developer Changelog
How to optimize your CMS Hub site for speed

If my reply answered your question, please mark it as a solution, to make it easier for others to find.

0 Antworten

0 Antworten

Noch keine Antworten

Auf diesen Beitrag hat noch niemand geantwortet. Es lohnt sich aber, gelegentlich wieder vorbei zu schauen und nachzusehen, ob jemand eine Antwort gepostet hat – oder um eine eigene Lösung zu posten!

Auf Beitrag antworten

Hilfe gefällig? Weitere Infos in unseren Community-Richtlinien