Drupal is a registered trademark of Dries Buytaert
Protected Pages 3.0.0 Major update available for module protected_pages (3.0.0). Commerce Core 3.3.8 Minor update available for module commerce (3.3.8). Search API HTML Element Filter 1.0.7 Minor update available for module search_api_html_element_filter (1.0.7). Layout Builder Reorder 2.0.1 Minor update available for module layout_builder_reorder (2.0.1). Ban 1.1.0 Minor update available for module ban (1.1.0). Field Formatter Range 2.0.0 Major update available for module field_formatter_range (2.0.0). Field Formatter Range 8.x-1.8 Minor update available for module field_formatter_range (8.x-1.8). Varbase Media Header 9.2.1 Minor update available for module varbase_media_header (9.2.1). Search API Solr 4.3.11 Module search_api_solr updated after 14 months of inactivity (4.3.11). Provus Mega Menu Module provus_mega_menu crossed 1,000 active installs.

Sri UI

154 sites Security covered
View on drupal.org

This module helps protect your website by ensuring that any external files, like scripts and stylesheets loaded from content delivery networks, haven't been tampered with. It works by generating and applying cryptographic hashes to these files, allowing the browser to verify their integrity before loading them. This prevents malicious code injection through compromised external resources.

Subresource Integrity (SRI) is a security feature that enables browsers to verify that resources they fetch (for example, from a CDN) are delivered without unexpected manipulation. It works by allowing you to provide a cryptographic hash that a fetched resource must match.

How Subresource Integrity helps
Using Content Delivery Networks (CDNs) to host files such as scripts and stylesheets that are shared among multiple sites can improve site performance and conserve bandwidth. However, using CDNs also comes with a risk, in that if an attacker gains control of a CDN, the attacker can inject arbitrary malicious content into files on the CDN (or replace the files completely) and thus can also potentially attack all sites that fetch files from that CDN.

Subresource Integrity enables you to mitigate some risks of attacks such as this, by ensuring that the files your web application or web document fetches (from a CDN or anywhere) have been delivered without a third-party having injected any additional content into those files — and without any other changes of any kind at all having been made to those files.

Installation

  1. Download and install the module using Composer.
  2. Enable the module from the Extend page (`/admin/modules`) or via Drush.

Reference: Subresource Integrity - Security on the web | MDN

About this module
Provides a possibility to specify additional attributes to the libraries as required by Subresource Integrity rules

Configuration

  1. Navigate to the module configuration page at /admin/config/services/sri
  2. Enter the asset’s full URL in the required field and submit the form to generate the hash key.
  3. Alternatively, use the Drush command to update the hash key: drush update-assets-hash256

Activity

Total releases
4
First release
Sep 2025
Latest release
5 months ago
Releases (12 mo)
4 ▲ from 0
Maintenance
Active

Release Timeline

Releases

Version Type Release date
1.0.3 Stable Jan 28, 2026
1.0.2 Stable Nov 25, 2025
1.0.1 Stable Sep 25, 2025
1.0.0 Stable Sep 23, 2025