SRI Hash Generator

Understanding Subresource Integrity (SRI) in Web Development

Subresource Integrity, commonly referred to as SRI, is an innovative W3C standard. Its primary purpose is to empower web developers with a tool to verify that third-party hosted resources remain unaltered and genuine. Adopting SRI is widely considered a best practice, especially when integrating libraries from external sources.

For a comprehensive guide, check out how SRI operates as explained on Mozilla Developer Network (MDN).


Comparing Subresource Integrity (SRI) and HTTPS

While TLS (HTTPS) ensures a safe browser-server connection, it doesn't guard against server-side alterations of the resource by potential attackers. Even with a valid TLS certificate, the resource might be compromised. SRI steps in here, offering a validation that the resource remains as the web author intended.


Generating SRI Hashes yourself: A Step-by-Step Guide

To generate integrity hashes, you can use our built-in generator above. Alternatively, follow this command in your shell interface:
openssl dgst -sha384 -binary YOUR_FILENAME.js | openssl base64 -A


Importance of Including crossorigin="anonymous"

If your request spans different origins, it's crucial to include the crossorigin attribute. Without it, browsers default to a 'fail-open' mode, ignoring the SRI's security benefits. The attribute crossorigin="anonymous" ensures no credentials are forwarded to the third-party hosting the resource but sends an Origin header. Should the server deny access, the browser won't utilize the resource. Learn more about crossorigin on MDN's comprehensive guide.


Browser Compatibility for SRI

Wondering if your browser supports SRI? Explore caniuse.com's SRI section for detailed information on browser version compatibility.

For a hands-on experience, you can evaluate your browser's SRI compatibility on this test page.

0 comments