SRI Hash Generator
Generate ready-to-paste integrity attributes for CDN scripts and styles. Everything runs locally in your browser using the Web Crypto API.
- 1 Fetch your resource securely with CORS
- 2 Choose SHA-256, SHA-384 or SHA-512
- 3 Copy the ready-made tag with integrity + crossorigin
Live generator
Build a Subresource Integrity hash
Hashes are generated locally—no data ever leaves this page.
What is Subresource Integrity?
Subresource Integrity (SRI) is a W3C specification that lets you ensure third-party resources have not been tampered with. Add an integrity attribute alongside crossorigin="anonymous" whenever you load assets from a CDN.
Learn more from the official spec or MDN.
How does it protect you?
TLS secures the connection, but a compromised CDN can still serve modified files. SRI ensures the bytes you load match the original hash you published; if they change, the browser blocks the resource.
Use the generator above or run openssl dgst -sha384 -binary file.js | openssl base64 -A in your terminal.
Browser support
Modern browsers support SRI. Check specific versions on caniuse.com or run the badge test below to confirm your setup.
Remember: always include crossorigin="anonymous" when hashing cross-origin resources, or the browser will ignore the integrity attribute.
Test your browser
SRI BadgeThis badge checks whether your browser honors SRI. A failed stylesheet below should prevent the badge from showing a passing state.
Your browser supports SRI
Your browser does not support SRI