> Just about every non-trivial website on the planet loads in
> resources provided by other companies and organizations
Really? OK, adverts. But other than that? Surely at least many of them are self-contained. I hope.
If you are going to use 3rd-party code, you've got a difficult decision to make: import it from the 3rd party when the page loads and you're vulnerable to the 3rd party going down, getting hacked etc. But on the other hand, if a security issue is found then they may be able to fix it without you having to take any action. Copy the code to your own server and you'll find you've not kept up with updates and you get hacked....