HTML - Integrity attribute

About

integrity is an attribute of the fetch elements.

Its value is a digest that controls that the file was not altered in transit. It's a data integrity functionality.

Example

If the calculation output with a sha384 was:

ZYfZnVukOuh/gRpU9uN+T9XwwRFJ9Y+0Ylk3zKvI184omb/HoOtQ0F8Iol7Nix7q

A link element for instance would be:

<link rel="stylesheet" href="stylesheet.css" integrity="sha384-ZYfZnVukOuh/gRpU9uN+T9XwwRFJ9Y+0Ylk3zKvI184omb/HoOtQ0F8Iol7Nix7q">

Script element with javascript

For a script element

<script src="script.js" integrity="sha384-ZYfZnVukOuh/gRpU9uN+T9XwwRFJ9Y+0Ylk3zKvI184omb/HoOtQ0F8Iol7Nix7q" type="text/javascript"></script>

Management

Calculation

Online

Offline

The integrity can be calculated with the following command line.

It calculate the digest with a sha (256 or 384) and apply the base64 algorithm above.

#sha256
openssl dgst -sha256 -binary stylesheet.css | openssl base64 -A

#sha384
openssl dgst -sha384 -binary stylesheet.css | openssl base64 -A

# work also for other script
openssl dgst -sha384 -binary script.js | openssl base64 -A

where:

Documentation / Reference


Powered by ComboStrap