Slides on Subresource Integrity from the SecTalks Sydney meetup
Upcoming Features of Subresource Integrity 2.x
As a response to the growing number breaches involving CDNs, the first release of the Subresource Integrity (SRI) was published hastily in late 2015. The W3C WebAppSec Working Group decided to leave certain useful features out, in favour of an early release. Although SRI already does the job, there is some room for improvement with regards to user experience. The good news is that some of these features will be added to the next iteration of SRI.
The following article gives a brief, speculative overview of the upcoming features of Subresource Integrity.
sritest.io February Update
Semi-regular updates on the improvements, bugfixes and other changes to the Subresource Integrity scanner at sritest.io
Compromising US Banks with Third-party Code
Scanning Websites for SRI Hash Usage with sritest.io
One problem is the slow implementation of SRI, thus sritest.io was born. The new service enables website owners and frontend developers to evaluate their sites for SRI hash usage. Sritest.io aims to help the widespread implementation of SRI, thus, ultimately protect website visitors from malicious code.