Yoryantra
← Back to Tools

Subresource Integrity Hash Generator

Generate Subresource Integrity hashes for scripts and styles. Create SHA-256, SHA-384, and SHA-512 integrity attributes for CDN resources directly in your browser.

Paste the exact final JavaScript or CSS content served by the CDN. SRI hashes must match the bytes served to the browser.

Optional. Used only when generating script or stylesheet HTML snippets.

Options

SRI is useful for fixed CDN scripts and styles. It can break if the remote file changes without updating the integrity hash.

Output

Generated SRI output will appear here.
SRI hash generation happens directly in your browser using the Web Crypto API. Your pasted script or stylesheet content is not uploaded to a server.

Generating Subresource Integrity Hashes for CDN Files

Subresource Integrity helps browsers verify that an external script or stylesheet has not changed unexpectedly. When you add an integrity attribute, the browser checks the downloaded file against the expected hash before executing the script or applying the stylesheet.

This SRI Hash Generator creates SHA-256, SHA-384, and SHA-512 integrity values from pasted resource content, then builds ready-to-copy script or stylesheet snippets.

Using the SRI Hash Generator

  1. Paste the exact final JavaScript or CSS bytes as text, including the same line endings and minification.
  2. Enter the resource URL if you want a full HTML snippet.
  3. Choose SHA-384 for a common secure default, or generate all hashes.
  4. Copy the integrity attribute or complete script/link tag.
  5. Update the hash whenever the external file changes.

Example SRI Script Tag

<script src="https://cdn.example.com/app.min.js"
  integrity="sha384-..."
  crossorigin="anonymous"></script>

When SRI Is Useful

  • Loading third-party scripts from a CDN with a fixed version URL.
  • Loading shared CSS frameworks from external hosts.
  • Pinning a known fixed version of a library.
  • Reducing risk from unexpected CDN file changes.
  • Improving browser-side supply-chain protection for static resources.

SRI Works Best With Fixed File Versions

SRI hashes are exact. If even one byte changes in the CDN file, the browser rejects the resource. This is good for safety, but it means SRI should usually be used with versioned or pinned files, not URLs that change often.

If you update a script or stylesheet, regenerate the SRI hash and update the HTML tag at the same time.

Frequently Asked Questions

What is Subresource Integrity?

Subresource Integrity is a browser security feature that checks whether an external script or stylesheet matches a trusted cryptographic hash.

Which SRI algorithm should I use?

SHA-384 is commonly used and is a good default. SHA-256 and SHA-512 are also supported by modern browsers.

Why did my script stop loading after adding SRI?

The file served by the CDN probably does not match the pasted content used to generate the hash, or the remote file changed.

Should I use crossorigin with SRI?

Yes for cross-origin resources. The CDN also needs to allow CORS, often with an Access-Control-Allow-Origin response header.

Is anything uploaded when I generate a hash?

No. The hash is generated directly in your browser.