Subresource Integrity

[codingjoe]

Code of Conduct

• I agree to follow Django's Code of Conduct

Feature Description

Now, with DSP taken care of, should we tackle subresource integrity next?

The header is supported by all browsers and might serve as a great addition to Django excellent security suite.

Problem

With supply chain attacks climbing to 3rd place on the OWASP ranking, I believe it might be a commendable effort.

Approving CDNs and vendors is a start, but I’d love SHA512 hashes, just in case 😉

Request or proposal

proposal

Additional Details

https://developer.mozilla.org/en-US/docs/Web/Security/Defenses/Subresource_Integrity

Implementation Suggestions

@RealOrangeOne has been maintaining django-sri for a good while now.

However, his approach was limited by Django's storage system.

I would propose to:

1. The actual header implementation is mostly a copy-paste job of the CSP middleware.
2. Add a integrity() function to the BaseStorage as well as a sample implementation for the FileSystemStorage.
3. Optionally, add an integrity template tag to static, which doesn't call url but the new integrity function.
4. Finally, we can safely wrap string paths in media assets in the Script and CSS objects, which render integrity values into the template.

[github-actions]

Thank you codingjoe for sharing your idea! We have a lot of them so please be patient. You can see the current queue here.

Community instructions

For commenters, please use the emoji reactions on the issue to express support, and/or concern easily. Please use the comments to ask questions or contribute knowledge about the idea. It is unhelpful to post comments of "I'd love this" or "What's the state of this?"

Reaction Guide

• 👍 This is something I would use
• 👎 This is something that would cause problems for me or Django
• 😕 I’m indifferent to this
• 🎉 This is an easy win

[Jarvisman03]

Hello 👋

I’d like to work on this proposal.

Approach:

• Introduce a middleware to handle Subresource Integrity headers, similar to CSP but modular.
• Add a utility to generate and cache SRI hashes (e.g., SHA-256/512) for static assets.
• Extend storage or provide a wrapper to expose integrity values without tightly coupling to existing storage logic.
• Optionally add a template helper to include integrity attributes in rendered tags.

Happy to refine the approach based on feedback.

Thanks!

[codingjoe]

Hi @Jarvisman03,

Love the initiative. 💚 I was hoping to work on this with Jake, but we're also excellent reviewers. That aside, this probably needs scrutiny by the security working group and the steering committee. I wouldn't recommend writing any code until more Django members have deliberated various solutions.

Cheers!
Joe

[codingjoe]

Small note for future reviewers: Let's not use SHA-256. With AI, every new data center stacking GPUs calculating SHA2 collision becomes more feasible. For a great deep dive on the different versions, read https://guptadeepak.com/sha-2-family-choosing-between-sha-256-sha-384-and-sha-512/

[RealOrangeOne]

Let's not use SHA-256

I disagree - let's conform to the spec. If SHA-256 is considered broken between now and implementation, then fine. Otherwise, it's better for Django to be unopinionated and let the user make up their own mind (SHA-256 creates shorter digests and is faster to compute, so there are definitely legitimate reasons to choose it).

[codingjoe]

@RealOrangeOne rightfully so. I was mistaken. After some research, I discovered that ALL SHA2 versions should be supported from the server, and the browser may pick the strongest hash type supported. SRI metadata items are space-separated. See also: https://www.w3.org/TR/sri/#agility

This makes sense; it's similar to a TLS handshake's cipher negotiation. Since the server can hash digests, we can easily create all digests (SHA-384 is a truncation anyway). However, the client might have limited hardware and may choose to check for SHA-256 to speed up rendering.

However, I still hope SRI sees a SHA3 extension soon. And funny side note, SHA-512 and 384 seem to outperform SHA-256 on longer messages, at least on the Intel Skylake benchmark: https://en.wikipedia.org/wiki/SHA-3#Comparison_of_SHA_functions

[codingjoe]

I opened an issue with MDN to improve the current examples: mdn/content#43302