Tag: SRI

Total 2 Posts

Enforcing the use of SRI

January 03, 2017

Subresource Integrity is an awesome security feature that allows us to ensure that assets served by a CDN haven't been tampered with. Now, thanks to a new directive in CSP, we can ensure that SRI is used across our site. SRI In short, SRI allows us to embed the hash…

Continue Reading

Subresource Integrity: Securing CDN loaded assets

September 27, 2015

Most sites on the Internet these days load some kind of content from a CDN, usually JS and CSS. Whilst this comes with great performance boosts and savings on bandwidth, we're trusting that CDN to load content into our pages, content that could possibly be harmful. Until now, we had…

Continue Reading

The Author

Scott Helme

Scott Helme is a security researcher, international speaker and author of this blog. He is also the founder of securityheaders.io and report-uri.io, free tools to help organisations better deploy security.

Follow

Upcoming Events

BlackHat USA: (Las Vegas - USA)
22nd-27th July 2017
DEF CON: (Las Vegas - USA)
27th-30th July 2017
BSides Las Vegas: (Las Vegas - USA)
25th-26th July 2017
BSides Manchester: (Manchester - England)
17th August 2017
SmashingConf: (Freiburg - Germany)
11th-12th September 2017
ScotSoft: (Edinburgh - Scotland)
5th October 2017

Subscribe

Cheat Sheets

CSP Cheat Sheet
HSTS Cheat Sheet
HPKP Cheat Sheet
HTTPS Cheat Sheet
Performance Cheat Sheet
License CC BY-SA 4.0 - scotthelme.co.uk