ssri
's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.Name | Version | Size | License | Type | Vulnerabilities |
---|---|---|---|---|---|
safe-buffer | 5.2.1 | 9.74 kB | MIT | prod |
SSRI, short for Standard Subresource Integrity, is a Node.js utility primarily used for managing Subresource Integrity hashes. The library is responsible for parsing, manipulating, serializing, generating, and verifying SRI hashes in compliance with the SRI specification. SRI hashes are essential in ensuring the integrity of resources loaded by web applications, making this library pivotal in the web security domain.
To utilize the SSRI library in your Javascript project, follow these steps:
Install SSRI: You can add the package to your project by running the command npm install --save ssri
in your terminal.
Require SSRI: In your JavaScript file, include const ssri = require('ssri')
at the beginning.
Use SSRI's functionalities: Here are a few examples of how to use its different methods:
Parsing and Serializing
const integrity = 'sha512-SAMPLEHASH';
const parsed = ssri.parse(integrity); // interpret SRI hash
console.log(parsed);
console.log(ssri.stringify(parsed)); // === integrity (works on non-Integrity objects)
console.log(parsed.toString()); // === integrity
Integrity Generation
const data = fs.readFileSync('./my-file');
console.log(ssri.fromData(data)); // generate Hash from data
Integrity Verification
const data = fs.readFileSync('./my-file');
const integrityCheck = ssri.checkData(data, integrity);
console.log(integrityCheck); // verify integrity of data
SSRI’s detailed documentation can be found on the GitHub page of the library. The documentation entails an extensive guide on the API methods, providing examples and context for each one. Besides this, the document also covers other aspects like installation, features, and how to contribute to the open-source project.