Skip to main content

sritest.io February Update

Semi-regular updates on the improvements, bugfixes and other changes to the Subresource Integrity scanner at sritest.io

Simplified Reports

Scoring on SRI reports has been revamped to make them easier to understand.

Each website is now assigned with a percentage rate, rather than an absolute number. The number represents the ratio of unsafe JavaScript and CSS assets to the total number of website assets.

If a web page includes a 1 unsafe asset out of 2, the rate of unsafe assets is 50%. Similarly, if another page consists of 50 unsafe assets out 100 assets, the rate is also 50%.

The rate is used to determine the final grade of the assessment. For more details on grading, check out the tooltip by hovering your mouse over the grade on any website report.

Revamped scoring reports on sritest.io

Easier URL Submission

There is no need to left-click anymore to submit a URL for scanning. The input field already has focus so that the URL can be typed or copy-pasted straightaway. Just press ENTER afterwards and the report should appear in a few seconds.

IPv6 Support

The website on sritest.io is also available over IPv6. Thanks to CloudFlare, turning on this feature was a breeze.

sritest.io IPv6 Support

About sritest.io

Subresource Integrity (SRI) was developed to protect website visitors from malicious JavaScript and CSS assets hosted at third-parties. The service on sritest.io was born to foster the widespread implementation of SRI. The technique allows website owners, frontend developers, and penetration testers to evaluate any web page for SRI usage.

Share on LinkedInShare on FacebookTweet about this on TwitterPin on PinterestShare on Google+Share on RedditFlattr the authorEmail this to someone
Share This Post!

Gabor

Founder of privacyforjournalists.org.au and sritest.io, organiser of @CryptoPartySyd, privacy and infosecurity enthusiast | Threema: PRN7228A | PGP: https://keybase.io/gszathmari