SRI Hash Generator — Subresource Integrity for CDN Resources
Generate Subresource Integrity (SRI) hashes to protect your website from compromised CDN resources. Enter a URL, upload a file, or paste resource content to compute SHA-256, SHA-384, and SHA-512 hashes. The tool generates ready-to-use <script> and <link> HTML tags with the integrity attribute included. SHA-384 is recommended by the W3C for most use cases. All hashing runs entirely in your browser via the Web Crypto API.
Features
- Generate SRI hashes from a URL, file upload, or pasted text
- Supports SHA-256, SHA-384 (recommended), and SHA-512 simultaneously
- Auto-generates ready-to-use <script> and <link> HTML tags
- One-click copy of integrity attribute and full HTML tag
- Privacy-first: All hashing runs client-side in your browser
- Auto-detects resource type (JS vs. CSS) from URL or filename
What is Subresource Integrity?
Subresource Integrity (SRI) is a security feature that allows browsers to verify that resources fetched from a CDN or third-party server have not been tampered with. When you include an external script or stylesheet, the browser computes its hash and compares it against the value you provided in the integrity attribute — if they don't match, the resource is blocked.
SRI is especially important for resources loaded from CDNs, where you have no control over the server. Even if a CDN is compromised and serves a malicious file, SRI will prevent it from running.
<script src="https://cdn.example.com/lib.min.js" integrity="sha384-abc123..." crossorigin="anonymous"></script>Which Algorithm Should I Use?
- SHA-384 — Recommended. Strong security, widely supported, standard choice for most CDN resources.
- SHA-512 — Maximum security. Use when you need the highest level of integrity assurance.
- SHA-256 — Supported, but SHA-384+ is preferred for new projects.
You can specify multiple hashes in a single integrity attribute, separated by spaces. The browser will use whichever algorithm it supports and considers the strongest.
Useful Resources