Understanding Subresource Integrity (SRI)

Subresource Integrity - Security on the web | MDN 🔗

Subresource Integrity (SRI) is a security feature that enables browsers to verify that resources they fetch (for example, from a CDN) are delivered without unexpected manipulation. It works by allowing you to provide a cryptographic hash that a fetched resource must match.

Subresource Integrity (SRI) is a security feature that allows browsers to verify that resources fetched from a CDN or any other origin are delivered without unexpected manipulation. It works by providing a cryptographic hash for a fetched resource, which the browser then compares to ensure it matches. SRI helps mitigate the risk of attackers injecting malicious content into files on a CDN. This is done by specifying a base64-encoded cryptographic hash in the integrity attribute of a script or stylesheet element. Browsers handle SRI by refusing to execute the script or apply the stylesheet if the integrity check fails.

Subresource Integrity (SRI) is a security feature for verifying the integrity of resources fetched from CDNs or other origins.
SRI helps mitigate the risk of attackers injecting malicious content into files on a CDN by providing a cryptographic hash for the fetched resource.
Browsers handle SRI by refusing to execute the script or apply the stylesheet if the integrity check fails.