I’ve written previously about both CSP (Content Security Policy) and SRI (Sub Resource Integrity), both of which are mechanisms that can be used to better secure your website. CSP (or Content Security Policy) allows you to set a number of directives about what types of content can be loaded by your website, and what locations they can…
Tag: sri
Server push and SRI not compatible
SRI, or Sub-Resource Integrity, is a new-ish technology that I’m a big fan of. It’s something that’s so easy to implement, especially if you’re using a workflow tool such as Gulp, but also so powerful when referencing third party or CDN-hosted libraries, to avoid inadvertent or breaking changes. A few days ago I posted about adding…
Adding Sub Resource Integrity (SRI) checksums with Gulp
As I mentioned when I recently wrote about upgrading to Gulp 4, I had a number of posts in draft mode relating to my new development process with Git and Gulp. This post is going to be a combination of two of those. Let me start by saying the Sub Resource Integrity (or SRI) is excellent,…