Require SRI (Sub Resource Integrity)

I’ve written previously about both CSP (Content Security Policy) and SRI (Sub Resource Integrity), both of which are mechanisms that can be used to better secure your website. CSP (or Content Security Policy) allows you to set a number of directives about what types of content can be loaded by your website, and what locations they can…

Server push and SRI not compatible

SRI, or Sub-Resource Integrity, is a new-ish technology that I’m a big fan of.  It’s something that’s so easy to implement, especially if you’re using a workflow tool such as Gulp, but also so powerful when referencing third party or CDN-hosted libraries, to avoid inadvertent or breaking changes. A few days ago I posted about adding…