Enhancing Frontend Security with Subresource Integrity (SRI)

Protect your web application from CDN tampering by implementing Subresource Integrity (SRI) for externally hosted scripts and stylesheets.

```html
<script src="https://example.com/script.js"
        integrity="sha384-oqVuAfXRKap7fdgcCY5uykM6+L96fylRk/rXwclWTxW7uWjXj+v6FwB8F2fFz4Q"
        crossorigin="anonymous"></script>

<link rel="stylesheet" href="https://example.com/style.css"
      integrity="sha384-H+K76RVpTfH7yN5kX9uFk/Qz2o5e/QhGv/J4dF1k7XgJ7/Wn4xQe/J5o5y5c5f5g"
      crossorigin="anonymous">
```

How it works: Subresource Integrity (SRI) is a security feature that enables browsers to verify that resources they fetch (for example, from a CDN) are delivered without unexpected manipulation. You provide a cryptographic hash (such as SHA-384) of the expected file in the `integrity` attribute, and the browser compares it to the hash of the file it actually fetched. If the hashes don't match, the browser refuses to load the resource, preventing potential supply chain attacks. The `crossorigin` attribute is also required for SRI to work correctly: a resource from another origin has to be fetched with CORS before the browser is allowed to check its contents.
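The following Node.js sketch is an added example, not code from the original page: it generates an `integrity` value and reproduces the load decision described above, including two cases the paragraph does not spell out (only the strongest listed algorithm is enforced, and a token with an unrecognized algorithm is ignored, so nothing is checked). The function names and the sample file contents are constructed for illustration.

```javascript
const { createHash } = require('crypto');

// Weakest to strongest; a browser only enforces the strongest algorithm listed.
const ALGOS = ['sha256', 'sha384', 'sha512'];

const digest = (algo, bytes) => createHash(algo).update(bytes).digest('base64');

// Integrity value for the exact bytes that will be served: "sha384-<base64>".
function sriFor(bytes, algo = 'sha384') {
  return `${algo}-${digest(algo, bytes)}`;
}

// Split an integrity attribute into its usable "algo-digest" tokens.
// Tokens with an unknown algorithm or malformed digest are ignored.
function parseIntegrity(attr) {
  const token = /^(sha256|sha384|sha512)-([A-Za-z0-9+/]+={0,2})(\?.*)?$/;
  return attr.trim().split(/\s+/)
    .map((t) => token.exec(t))
    .filter(Boolean)
    .map((m) => ({ algo: m[1], value: m[2] }));
}

// Load decision: with no usable token nothing is enforced; otherwise any
// digest of the strongest listed algorithm must match the fetched bytes.
function passesIntegrity(bytes, attr) {
  const entries = parseIntegrity(attr);
  if (entries.length === 0) return true;
  const strongest = ALGOS[Math.max(...entries.map((e) => ALGOS.indexOf(e.algo)))];
  const actual = digest(strongest, bytes);
  return entries.some((e) => e.algo === strongest && e.value === actual);
}

// Render the tag in the same shape as the snippet above.
function scriptTag(url, bytes) {
  return `<script src="${url}" integrity="${sriFor(bytes)}" crossorigin="anonymous"></script>`;
}

// Constructed sample data: a "published" file and a modified copy of it.
const published = Buffer.from('console.log("widget v1");\n');
const tampered = Buffer.from('console.log("widget v1");/* extra */\n');

console.log(scriptTag('https://example.com/script.js', published));
console.log('published passes:', passesIntegrity(published, sriFor(published)));
console.log('tampered passes: ', passesIntegrity(tampered, sriFor(published)));
console.log('typo "sha38-..." enforced?', !passesIntegrity(tampered, 'sha38-AAAA'));
```

Hash the exact bytes the CDN serves: any rebuild, minification or re-encoding of the file changes the digest, and the browser will then block the resource until the attribute is updated.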
