How it works
How Subresource Integrity Works
Use this free SRI hash generator to create Subresource Integrity checksums for CDN-hosted scripts and stylesheets. The tool computes SHA-256, SHA-384 (recommended), and SHA-512 hashes from a CDN URL or pasted file content, then outputs complete HTML tags with integrity and crossorigin attributes ready to paste into your project.
Subresource Integrity protects your users by ensuring that external resources loaded from a CDN have not been tampered with. If an attacker modifies the file on the CDN, the browser will refuse to execute or apply it because the hash will not match. This is a critical security layer for any site that loads third-party scripts or styles.
This generator supports two input modes: fetch a CDN URL directly through the browser (requires CORS support on the CDN), or paste raw file contents for offline hashing. The URL mode detects whether the asset is a script or stylesheet and generates the appropriate HTML tag. The content mode is useful when CORS blocks direct fetching or when you want to hash a local file.
Everything runs in your browser. CDN URLs and file contents are hashed using the Web Crypto API and are never transmitted to a server. The generated tags and hashes are ready for immediate use in your HTML, build tools, or deployment scripts.