Tag: SRI

Total 2 Posts

Enforcing the use of SRI

January 03, 2017

Subresource Integrity is an awesome security feature that allows us to ensure that assets served by a CDN haven't been tampered with. Now, thanks to a new directive in CSP, we can ensure that SRI is used across our site. SRI In short, SRI allows us to embed the hash…

Continue Reading

Subresource Integrity: Securing CDN loaded assets

September 27, 2015

Most sites on the Internet these days load some kind of content from a CDN, usually JS and CSS. Whilst this comes with great performance boosts and savings on bandwidth, we're trusting that CDN to load content into our pages, content that could possibly be harmful. Until now, we had…

Continue Reading

The Author

Scott Helme

Scott Helme is a security researcher, international speaker and author of this blog. He is also the founder of securityheaders.io and report-uri.io, free tools to help organisations better deploy security.

Follow

Upcoming Events

CMC Symposium: (Lugano - Switzerland)
20th-21st September 2017
TLS Training: (Oslo - Norway)
25th-26th September 2017
TLS Training: (Bergen - Norway)
28th-29th September 2017
ScotSoft: (Edinburgh - Scotland)
5th October 2017
Incapsula D3: (London - England)
17th October 2017

Subscribe

Cheat Sheets

CSP Cheat Sheet
HSTS Cheat Sheet
HPKP Cheat Sheet
HTTPS Cheat Sheet
Performance Cheat Sheet
License CC BY-SA 4.0 - scotthelme.co.uk