External Script SRI

The External Script SRI module allows site administrators to easily add external JavaScript library paths with support for Subresource Integrity (SRI) hashes and the crossorigin attribute. This ensures enhanced security for third-party scripts by verifying their integrity.

Features

Basic Functionality

This module provides a user-friendly interface for configuring external JavaScript libraries with the following options:

• Specify JavaScript file URLs.
• Add SRI hash values for each library.
• Mark libraries as sensitive to flag them for additional scrutiny.
• Set the crossorigin attribute value for each script.

Unique Features

• Dynamic Configuration Form: A table-based configuration form to easily manage multiple JavaScript libraries.
• Security Focus: Ensures integrity checks for third-party scripts by supporting the SRI hash mechanism.
• Flexible Crossorigin Support: Allows administrators to specify the appropriate crossorigin attribute for CORS compliance.

Use Cases

• Websites relying on external JavaScript libraries for functionality or design.
• Applications requiring strict security compliance for third-party script integrity.
• Development teams needing an organized, centralized way to manage external scripts.

Post-Installation

Once installed, follow these steps to configure the module:

1. Navigate to the module’s configuration page under Configuration > External Script SRI.
2. Use the provided form to:
   • Add the module name and library name.
   • Enter the JavaScript file URL.
   • Generate and input the SRI hash (use SRI Hash Generator).
   • Optionally mark the library as sensitive.
   • Set the crossorigin attribute.
3. Save the configuration to enable the specified libraries with SRI support.

Additional Requirements

Dependencies
Drupal Core: Version 9 or higher.

No additional modules are required, but access to third-party JavaScript files and a reliable SRI hash generation tool is recommended.