A new feature in Google Chrome 45 is the ability to add meta data inline to
This is done by adding integrity metadata to the element inline such as:
<link rel=”stylesheet” href=”this_is_verified.css” integrity=”sha256-qvuZLpjL9TNV6yI1kNdGCPnSTrWM6Y0ILEzzyvA9hGY=”>
You would generate the base64 encoded version of the SHA256 hash with the following command:
cat this_is_verified.css openssl dgst -sha256 -binary openssl enc -base64 -A
If the hash doesn’t match the file and the integrity is compromised the browser will not load the resource.
This is currently in development for Firefox as well, though no news on Edge or Safari for implementation.