Vite Plugin SRI2 adds Subresource Integrity (SRI) to the <script> and <link> elements in your "index.html" file during at build time.
Below are examples of how the <script> and <link> elements in your built "index.html" file would look like after SRI attributes have been added:
$ yarn add vite-plugin-sri2 -D
# or
$ npm install vite-plugin-sri2 -D
# or
$ pnpm install vite-plugin-sri2 -D// vite config
import { defineConfig } from 'vite';
import { sri } from 'vite-plugin-sri2';
export default defineConfig({
plugins: [sri()]
});- Type :
string - Default :
sha384
The supported hash functions are SHA-256, SHA-384, and SHA-512.
This is in compliance with the W3C specification.
Conformant user agents must support the SHA-256, SHA-384 and SHA-512 cryptographic hash functions for use as part of a request’s integrity metadata and may support additional hash functions.
The default is selected based on the W3C specification.
At the time of writing, SHA-384 is a good baseline.