I am working on a client requirement to implement subresource integrity on our website to make it more secure, which would require adding attribute named "integrity" with cryptographic digest of client library to client lib JS/CSS file reference.
As it would require certain degree of customization, I wanted to check if anyone has implemented this feature with AEM.
Thanks in Advance,
The way I can think here is:
2. You need to create your tag which uses the HtmlLibraryManager to get the list of includes for a particular category (or set of categories) and use those to output the appropriate HTML.
// HtmlLibraryManager provides access to repository defined html libraries.
// To Create AEM clientlibs that can output 'async', 'defer' and 'onload' attributes on your HTML script elements.
Meanwhile, i have asked internal experts to share their thoughts on this.
Did you get SRI implemented in your site and it seems it is not supported in IE.
Thanks Kautuk for the direction, it definitely looks promising. I will update here if I am able to leverage it to achieve SRI with clientslibs.
Looking forward for more feedback.