-
Notifications
You must be signed in to change notification settings - Fork 0
Subresource integrity
Subresource Integrity (SRI) is a security feature that enables browsers to verify that resources they fetch (for example, from a CDN) are delivered without unexpected manipulation. It works by allowing you to provide a cryptographic hash that a fetched resource must match.
First register the tag helpers in the _ViewImports.cshtml:
@addTagHelper *, Sidio.Web.Security.AspNetCoreAnd register the required services. By default, the hash algorithm is set to sha256 and the hash will be
cached for 90 days.
builder.Services
.AddSubresourceIntegrity();Then add the integrity taghelper attribute asp-add-subresource-integrity="true" to the script or link tag:
<link rel="stylesheet" href="https://example-cdn.com/bootstrap.min.css" asp-add-integrity="true" />
<script src="https://example-cdn.com/site.js" asp-add-integrity="true"></script>Alternatively, the integrity attribute can be applied automatically to all script and link tags by configuring the tag helpers:
builder.Services
.ConfigureTagHelpers(x =>
{
x.AutoApplySubresourceIntegrity = true;
}
);builder.Services
.AddSubresourceIntegrity(x =>
{
x.Algorithm = SubresourceHashAlgorithm.SHA512;
x.AbsoluteExpiration = TimeSpan.FromDays(180);
}
);Parts of this wiki may come from, or be based on, the MDN Web Doc's. Documentation by Mozilla Contributors is licensed under CC-BY-SA 2.5 or any later version.