- From: Gabor Szathmari <gszathmari@gmail.com>
- Date: Wed, 13 Jan 2016 04:14:37 +0000
- To: public-webappsec@w3.org
- Message-Id: <13875064-EC6F-4B65-A98A-3628504D0A37@gmail.com>
Hi everyone, I think SRI is a great concept, but there are a lot of things to do with regards to the supporting tools. To boost the widespread implementation of SRI, I have developed a new service that allows anyone to scan and evaluate their websites for SRI hash usage. The service is similar to Qualys’s SSL Server Test, where anyone can submit URLs to be scanned for SSL implementation. The service generates a simple report, which features a ‘grade’ (A to F) based on the number of protected / unprotected assets. The generated reports are actionable, as they also list which JS/CSS assets should be protected by SRI hashes. The target audience of the service is non-tech savvy website owners as well as skilled frontend developers. Please give the new service a spin on https://sritest.io <https://sritest.io/> and let me know your thoughts. It is still in beta and under heavy development, so any feedback is very appreciated from you. Regards, Gabor Szathmari gszathmari@gmail.com
Received on Wednesday, 13 January 2016 08:14:45 UTC