Skip to main content

Remediation Steps

Follow the steps below to remediate this finding on Generic / Developer guidance.

  1. Subresource Integrity (SRI) allows browsers to verify that third-party files (scripts, stylesheets) have not been tampered with.

  2. For each externally hosted resource, generate a hash and add the integrity attribute:

    openssl dgst -sha384 -binary lib.js | openssl base64 -A

  3. Or use an online SRI hash generator.

  4. Add to your HTML:

  5. <script src="https:

    //cdn.example.com/lib.js"

  6. integrity="sha384-<base64hash>"

  7. crossorigin="anonymous"></script>

Back to top