: Serving script directly from `raw.github.org
` is a Bad Idea™. Use GitHub Pages instead!
I like this change; it's good for security in a belts-and-braces sort of way.
One effect, however, is causing a bit of consternation: GitHub serves resources from `raw.github.com
` with `Content-Type: text/plain` and `X-Content-Type-Options: nosniff` headers; they don't actually want you using `raw.github.org
` as a CDN. This change breaks pages that are loading script directly from a GitHub repo: you'll see errors like "Refused to execute script from '[URL]' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled."
GitHub (and I!) would very much prefer that you use Pages to serve content. It's easier on their servers, it's very well supported by the tools they offer, and it will work in browsers that support `X-Content-Type-Options`.