Hello Datahell,
Luckily, I keep busy with different things including the Arduino, Raspberry, and Python, to keep thinking about the practical side of their use in the home.
I found the following links useful on the subject.
https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy
I used this one to create the additional script tag to keep everything proper by taking a link such as https://cdn.userway.org/widget.js and entering it into the link below.  This gave me the completed link except for my id.
https://www.srihash.org/
All the best,
Petros

Solved, but just to clarify some things.

Files integrity checksum (sha256) makes sense if you use a CSP policy. Additionally nonce tells the browser to ignore this script. Using these options is strongly recommended for external scripts and css files. CSP (Content Security Policy) tells the browser what to consider safe. If the safe check by the browser fail then the browser doesn't load that resource/code.

Υπάρχει κάποιο τρόπος να δείχνω ένα pdf σαν κατάλογο μέσα από άρθρο (όχι να ανοίγει σε άλλο παράθυρο ή να το κατεβάζω.)
Ευχαριστώ.

Hello all,
After updating to Elxis 5.6 Oxylus, I noticed that there were changes in the template five index.php file.

Before the update, I used the following code:
// add meta tags using method using classes
elxisloader::loadFile('templates/five/includes/seometatags.class.php')."\n";
$seotags = new seometatags();
$seotags->dispseometatags();

elxisloader::loadFile('templates/five/includes/five.class.php');
$tpl5 = new templateFive();
$tplts = filemtime(ELXIS_PATH.'/templates/five/css/template'.$eLang->getinfo('RTLSFX').'.css');

Now I see the following code:
$f = ELXIS_PATH.'/templates/five/css/template'.$eLang->getinfo('RTLSFX').'.css';
$integrity = $eDoc->integrityFileHash($f);
$tplts = filemtime($f);

elxisloader::loadFile('templates/five/includes/five.class.php');
$tpl5 = new templateFive();

As I realize that this is an added security measure, as you have added
integrity="sha256-<?php echo $integrity;  and  $eDoc->getNonce(); into the html head section link.
How can I add in the seometatags.class.php file?

Another question:  I use the following js addin,
<script data-account="999999999" src="https://cdn.userway.org/widget.js"></script>Do I have to modify html script tag for security purposes?

I use CSS/JS minifier in some sites, including elxis.org, and I have not this problem.

Despite the above an other solution would be to change Elxis Defender general rules.

Open includes/libraries/elxis/defender/general.rules.php
Locate "PHP wrapper attack" line and remove the "data:" from the list

Replace this:
array('URI,QUERY', 'ftp\:|ftps\:|rtp\:|udp\:|php\:|data\:|file\:|glob\:|zlib\:|ogg\:|ssh2\:|expect\:', 'PHP wrapper attack'),
with this:
array('URI,QUERY', 'ftp\:|ftps\:|rtp\:|udp\:|php\:|file\:|glob\:|zlib\:|ogg\:|ssh2\:|expect\:', 'PHP wrapper attack'),