{{HTTPSidebar}}
The HTTP {{HTTPHeader("Content-Security-Policy")}} require-sri-for
directive instructis the client to requires the use of Subresource Integrity for scripts or styles on the page.
Syntax
Content-Security-Policy: require-sri-for script; Content-Security-Policy: require-sri-for style; Content-Security-Policy: require-sri-for script style;
- script
- Requires {{Glossary("SRI")}} for scripts.
- style
- Requires {{Glossary("SRI")}} for style sheets.
Examples
tbd
Specifications
Specification | Status | Comment |
---|---|---|
{{specName("Subresource Integrity", "#opt-in-require-sri-for", "upgrade-insecure-requests")}} | {{Spec2('Subresource Integrity')}} | Initial definition. |
Browser compatibility
The compatibility table in this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request.
{{Compat}}
See also
- {{HTTPHeader("Content-Security-Policy")}}
- Subresource Integrity