HTTP/2 301
server: nginx
date: Sun, 28 Dec 2025 02:20:15 GMT
content-type: text/html; charset=UTF-8
x-olaf: ⛄
vary: accept, content-type
x-redirect-by: WordPress
location: https://developer.wordpress.org/reference/hooks/wp_script_attributes/
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=86400
x-nc: MISS ord 1
HTTP/2 200
server: nginx
date: Sun, 28 Dec 2025 02:20:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-olaf: ⛄
vary: accept, content-type
link:
; rel="https://api.w.org/"
link:
; rel="alternate"; title="JSON"; type="application/json"
link: ; rel=shortlink
x-frame-options: SAMEORIGIN
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-nc: MISS ord 1
wp_script_attributes – Hook | Developer.WordPress.org
apply_filters ( ‘wp_script_attributes’, array $attributes
Filters attributes to be added to a script tag.
$attributesarray Key-value pairs representing <script> tag attributes.<script> tag for entries with a boolean value, and that are true.
Version Description 5.7.0 Introduced.
If you want to harden your website against supply chain attacks, you can use this filter to add Subresource integrity checking to a script.
For example, for Select2 script at v4.0.9 from cdnjs.com, you would copy the SRI hash from https://cdnjs.com/libraries/select2/4.0.9, and add it as an attribute to the script.
Then check for the select2-js ID, and that it is delivered by CDNJS, before adding the SRI attributes.