Developer Announcements

jmclaren
HubSpot Employee
HubSpot Employee

Sites using polyfill.io on HubSpot were rewritten to use Cloudflare's version

This is a reposting from the developer changelog. If there are any text differences between this copy and the original on the changelog the changelog is the source of truth.
--

URLs for a popular polyfill service (polyfill.io) began serving malicious code after years of serving safe polyfill scripts. Web developers use polyfills to add backward compatibility for newer browser APIs. None of HubSpot's default assets use polyfill.io hosted scripts. Developers building themes, templates, and modules on HubSpot can, at their discretion, include scripts from external domains. Developers may have included polyfills from polyfill.io this way. 

We protected all HubSpot hosted sites by rewriting all URLs for polyfill.io to use Cloudflare's safe original version of the polyfills to help all of our customers, developers, and partners, who've used polyfill.io hosted scripts. Along with eliminating the malicious code, this ensures that backward compatibility efforts made by developers are still operational.

There is no action needed from customers, partners, or developers using HubSpot.

When is it happening?

This change went into effect on July 15, 2024.

Jon McLaren

Sr. CMS Developer Advocate

Get started developing on the HubSpot CMS Developer Changelog
How to optimize your CMS Hub site for speed

If my reply answered your question, please mark it as a solution, to make it easier for others to find.

0 Respostas 0

0 Respostas

Este post ainda não tem respostas

Ninguém respondeu a este post ainda. Volte em breve para ver se alguém tem alguma solução ou responda caso saiba como ajudar! Tudo o que vai, volta.

responder ao post

Precisa de ajuda para responder? Confira as nossas Diretrizes da Comunidade