HTML <script> integrity Attribute
Last Updated :
27 Feb, 2024
The integrity attribute is used to permit the Browser to check the fetched script to ensure the source code is never loaded. It is used to check whether the third party has altered the resource or not.Â
Subresource Integrity(SRI) is a security feature developed by w3comsortium that is used to permit a Browser to verify all the external scripts that would be fetched. It gives surety that the scripts are not altered by the third party.Â
The working process of SRI is going to follow the steps:Â
- The webpage holds the hash value and on the other side, the server holds the .js file.
- Now, the browser matches the hash value of the integrity attribute
- In the end, if the value of hash matches then the file is used otherwise the file is blocked.
SyntaxÂ
<script integrity="filehash">permit
 Attribute Values:Â
- filehash: It indicates the hash value of the external script file.
Example 1: Â Â
HTML
<!DOCTYPE html>
<html>
<head>
<title>
HTML script integrity Attribute
</title>
</head>
<body style="text-align:center;">
<h1>
GeeksForGeeks
</h1>
<h2>
HTML script integrity Attribute
</h2>
<script id="myGeeks" type="text/javascript"
src="my_script.js"
integrity=
"sha384-q8i/X+965DzO0rT7abK41JStQIAqVgRVzpbzo5smXKp4YfRvH+8abtTE1Pi6jizo">
</script>
<br>
<button>Submit</button>
</body>
</html>
|
Output:
Example 2:Â
HTML
<!DOCTYPE html>
<html>
<head>
<title>
script tag
</title>
<style>
body {
text-align: center;
}
h1 {
color: green;
}
</style>
</head>
<body>
<h1>GeeksforGeeks</h1>
<h2>
HTML integrity Attribute
in <script> Element
</h2>
<p id="Geeks"></p>
<script charset="UTF-8" integrity=
"e0d123e5f316bef78bfdf5a008837577OOo_2.0.1_LinuxIntel_install.tar.gz">
document.getElementById("Geeks")
.innerHTML = "Hello GeeksforGeeks!";
</script>
</body>
</html>
|
Output:
Supported Browsers:Â
- Google Chrome 45.0
- Edge 17.0
- Firefox 43.0
- Apple safari 11.1
- Opera
Like Article
Suggest improvement
Share your thoughts in the comments
Please Login to comment...