Security Check n°24 / 120

Subresource Integrity (SRI)

When a site loads a script from an external CDN (e.g. jQuery from cdnjs.com), it trusts that CDN. If the CDN is compromised and delivers a m…

Analyse my site for free
← All checks
How it works

How TheSiteFuse checks "Subresource Integrity (SRI)"

When a site loads a script from an external CDN (e.g. jQuery from cdnjs.com), it trusts that CDN. If the CDN is compromised and delivers a modified script, the site will execute it unknowingly. The integrity="sha384-..." attribute lets the browser verify the file hasn't been altered before executing it.

Why it matters

Real-world impact of "Subresource Integrity (SRI)"

Real CDN compromise incidents have injected cryptominers or password stealers across thousands of sites simultaneously. SRI is the only browser-side defence against this type of supply chain attack.

Does your site pass this check?

Run the free full audit (120 checks) and instantly discover what needs fixing.

Previous Server TLS version Next Valid A/AAAA record

Other Security checks

HTTPS active
Valid SSL certificate
HTTP → HTTPS redirect
HSTS header
Continue with Google
or