SRI Hash Generator
Generate Subresource Integrity (SRI) hashes for scripts and stylesheets to ensure third-party resources haven't been tampered with.
About Subresource Integrity
SRI (Subresource Integrity) allows browsers to verify that resources fetched from CDNs or third-party servers haven't been tampered with.
- CDN Protection - Detect if a CDN-hosted file has been modified or compromised
- Supply Chain Security - Prevent supply-chain attacks via compromised third-party scripts
- Multiple Hashes - Specify multiple algorithms for broader browser compatibility
- CSP Integration - Use SRI hashes in Content-Security-Policy for inline scripts
Security Note
All hash computation is performed entirely in your browser using the Web Crypto API. Your content never leaves your device.
What is This Tool?
An SRI hash generator creates Subresource Integrity hashes for CDN-hosted scripts and stylesheets. SRI lets browsers verify that fetched resources haven't been tampered with by checking their cryptographic hash against the expected value in your HTML.
SRI works by adding an integrity attribute to script and link tags: integrity="sha384-base64hash". The browser computes the hash of the downloaded file and compares it. If the hashes don't match (CDN compromise, MITM attack), the resource is blocked from executing.
Common Use Cases
CDN Security
Generate integrity hashes for all CDN-hosted libraries to protect against CDN compromises and supply chain attacks.
Compliance Requirements
Meet PCI-DSS, SOC 2, and other security standards that require integrity verification for third-party scripts.
CSP Integration
Use SRI alongside the Content Security Policy require-sri-for directive for comprehensive resource integrity enforcement.
Build Pipeline
Automate SRI hash generation in your build process for every external resource reference.
Frequently Asked Questions
Which hash algorithm should I use?
SHA-384 is recommended by the W3C SRI specification. SHA-256 and SHA-512 are also supported. You can include multiple hashes for algorithm agility.
Do I need crossorigin="anonymous"?
Yes. SRI requires CORS. Add crossorigin="anonymous" to script/link tags for cross-origin resources, and ensure the CDN sends Access-Control-Allow-Origin headers.
What happens if the hash doesn't match?
The browser blocks the resource entirely — the script won't execute or the stylesheet won't apply. This is by design to prevent tampered code from running.
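The integrity check and the multiple-hash behaviour described above can be reproduced in a build step. The following Node.js sketch is an added example, not this tool's own code: it generates integrity values and then checks content against an integrity attribute the way a browser does, using only the strongest algorithm listed. The function names, the sample file contents and the cdn.example URL are assumptions made for illustration.

```javascript
// Added example (not this tool's code): SRI hashing and browser-style checking.
const crypto = require("node:crypto");

// Algorithms the SRI specification defines, weakest to strongest.
const ALGS = ["sha256", "sha384", "sha512"];

// Build one integrity token: "<alg>-<base64 digest of the exact bytes>".
function sriHash(content, alg = "sha384") {
  if (!ALGS.includes(alg)) throw new Error(`unsupported algorithm: ${alg}`);
  return `${alg}-${crypto.createHash(alg).update(content).digest("base64")}`;
}

// Split an integrity attribute into tokens, ignoring unknown algorithms.
function parseIntegrity(attr) {
  return attr.trim().split(/\s+/).map((token) => {
    const m = /^(sha256|sha384|sha512)-([A-Za-z0-9+/]+={0,2})(\?.*)?$/.exec(token);
    return m && { alg: m[1], digest: m[2] };
  }).filter(Boolean);
}

// Mirror the browser check: only the strongest listed algorithm counts,
// and the resource passes if any digest for that algorithm matches.
function verifyIntegrity(content, attr) {
  const entries = parseIntegrity(attr);
  if (entries.length === 0) return true; // no usable metadata: nothing enforced
  const strongest = ALGS[Math.max(...entries.map((e) => ALGS.indexOf(e.alg)))];
  const actual = sriHash(content, strongest).slice(strongest.length + 1);
  return entries.some((e) => e.alg === strongest && e.digest === actual);
}

// Emit the tag a build step would write for a pinned CDN file.
function scriptTag(url, content, algs = ["sha384"]) {
  const integrity = algs.map((a) => sriHash(content, a)).join(" ");
  return `<script src="${url}" integrity="${integrity}" crossorigin="anonymous"></script>`;
}

// Constructed sample: a pinned library body and a modified copy of it.
const pinned = Buffer.from("window.lib = { version: '1.0.0' };\n");
const tampered = Buffer.from("window.lib = { version: '1.0.0' }; /* modified */\n");

console.log(scriptTag("https://cdn.example/lib.js", pinned, ["sha384", "sha512"]));
console.log("pinned passes:", verifyIntegrity(pinned, sriHash(pinned)));
console.log("tampered passes:", verifyIntegrity(tampered, sriHash(pinned)));
```

An attribute that contains only unrecognised algorithms enforces nothing, so a build step should fail when parseIntegrity returns an empty list rather than ship the tag.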