Missing Subresource Integrity

info Web Application Scanning Plugin ID 98647


Missing Subresource Integrity


Subresource Integrity (SRI) is a web security standard that enables browsers to verify that resources hosted by third parties (CDN for example) are delivered without unexpected manipulation.

SRI works by comparing a cryptographic hash declared in the integrity attribute of the resource tag (like script or link) used to fetch the resource and the calculated hash value of this resource.

No SRI have been detected for one or more resources.


Add a integrity attribute to the resource tag with prefixed and base64 encoded hash of the resource.

See Also



Plugin Details

Severity: Info

ID: 98647

Type: remote

Published: 8/1/2019

Updated: 9/2/2021

Scan Template: scan, pci, overview

Vulnerability Information

Patch Publication Date: 8/1/2019

Vulnerability Publication Date: 8/1/2019