{"id":1184,"date":"2016-07-15T08:46:24","date_gmt":"2016-07-15T14:46:24","guid":{"rendered":"http:\/\/jaredrobinson.com\/blog\/?p=1184"},"modified":"2016-07-15T09:05:12","modified_gmt":"2016-07-15T15:05:12","slug":"html-subresource-integrity","status":"publish","type":"post","link":"https:\/\/jaredrobinson.com\/blog\/html-subresource-integrity\/","title":{"rendered":"HTML Subresource Integrity"},"content":{"rendered":"<p>LWN covers the new <a href=\"https:\/\/lwn.net\/Articles\/692950\/\">W3C spec for HTML subresource integrity (SRI)<\/a>:<\/p>\n<blockquote>\n<p>SRI is designed to combat injection attacks that come through third-party content. The originating site can include cryptographic hashes of third-party script and image files, enabling the user&#8217;s browser to hash the corresponding files it receives from the third-party servers and verify that the hashes match.<\/p>\n<\/blockquote>\n<p>Most browsers already support SRI, including Firefox, Chrome and Opera.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>LWN covers the new W3C spec for HTML subresource integrity (SRI): SRI is designed to combat injection attacks that come through third-party content. The originating site can include cryptographic hashes of third-party script and image files, enabling the user&#8217;s browser to hash the corresponding files it receives from the third-party servers and verify that the &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/jaredrobinson.com\/blog\/html-subresource-integrity\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;HTML Subresource Integrity&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12,16,17],"tags":[],"class_list":["post-1184","post","type-post","status-publish","format-standard","hentry","category-programming","category-security","category-tech"],"_links":{"self":[{"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/posts\/1184","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/comments?post=1184"}],"version-history":[{"count":2,"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/posts\/1184\/revisions"}],"predecessor-version":[{"id":1187,"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/posts\/1184\/revisions\/1187"}],"wp:attachment":[{"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/media?parent=1184"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/categories?post=1184"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jaredrobinson.com\/blog\/wp-json\/wp\/v2\/tags?post=1184"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}