vite-plugin-sri2
v2.0.1
Published
Vite Plugin SRI2 adds [Subresource Integrity (SRI)](https://developer.mozilla.org/ja/docs/Web/Security/Subresource_Integrity) to the `<script>` and `<link>` elements in your "index.html" file during at build time.
Downloads
17
Maintainers
Readme
vite-plugin-sri2
Vite Plugin SRI2 adds Subresource Integrity (SRI) to the <script>
and <link>
elements in your "index.html" file during at build time.
Below are examples of how the <script>
and <link>
elements in your built "index.html" file would look like after SRI attributes have been added:
Installation
$ yarn add vite-plugin-sri2 -D
# or
$ npm install vite-plugin-sri2 -D
# or
$ pnpm install vite-plugin-sri2 -D
Usage
add to vite config
// vite config
import { defineConfig } from 'vite';
import { sri } from 'vite-plugin-sri2';
export default defineConfig({
plugins: [sri()]
});
Options
hashFunctionName
- Type :
string
- Default :
sha384
The supported hash functions are SHA-256
, SHA-384
, and SHA-512
.
This is in compliance with the W3C specification.
Conformant user agents must support the SHA-256, SHA-384 and SHA-512 cryptographic hash functions for use as part of a request’s integrity metadata and may support additional hash functions.
The default is selected based on the W3C specification.
At the time of writing, SHA-384 is a good baseline.