SUBRESOURCE INTEGRITY / SRI
defined.

What is Subresource Integrity (SRI)?

If your site loads jQuery from a CDN, an attacker who compromises the CDN can replace it with malicious code. SRI mitigates that: <script integrity="sha384-..."> tells the browser to refuse a mismatched file.

Related terms.

• Content Security Policy (CSP)
• HTTP Strict Transport Security (HSTS)
• Cross-Site Scripting (XSS)
• Cross-Origin Resource Sharing (CORS)

Where this shows up.

See our web application penetration testing, API security testing, network penetration testing, and cloud security audit services for how we test for and defend against this class of issue.