SRI Hash Generator
Generate Subresource Integrity hashes for external scripts and stylesheets. Protect your site from compromised CDNs.
Generated Hashes
Related Tools
You might also find these useful
Everything you need to know
What is Subresource Integrity?
Subresource Integrity (SRI) is a W3C security specification that enables browsers to verify that files fetched from external sources (like CDNs) have not been modified. When you add an integrity attribute to a <script> or <link> tag, the browser computes a hash of the downloaded file and compares it to the expected hash. If they don't match, the browser refuses to execute or apply the resource.
How This Tool Works
Provide a URL to a JavaScript or CSS file (from any CDN) or paste the file content directly. Select one or more hash algorithms (SHA-256, SHA-384, SHA-512). The tool fetches the resource, computes the cryptographic hashes using the Web Crypto API, and generates the complete HTML tag with the integrity and crossorigin attributes ready to copy and paste into your HTML.
Why SRI is Important
Supply chain attacks on JavaScript CDNs are a growing threat. In 2018, the event-stream npm package was compromised to steal cryptocurrency. In 2019, a British Airways Magecart attack injected malicious code via a third-party script. SRI prevents these attacks by ensuring the browser only executes code that matches the expected hash, even if the CDN itself is compromised.
SRI Best Practices
- Always include crossorigin="anonymous" — Required for cross-origin SRI verification
- Use SHA-384 or SHA-512 — SHA-384 is the recommended minimum strength
- Update hashes when updating libraries — New versions have different hashes
- Combine with CSP — Use
require-sri-forin your Content Security Policy
Related Security Tools
Generate a Content Security Policy to complement SRI, check your SSL configuration, or test your CORS headers.