Skip to main content

resources.Fingerprint

{{ with resources.Get "js/main.js" }}
  {{ with . | fingerprint "sha256" }}
    <script src="{{ .RelPermalink }}" integrity="{{ .Data.Integrity }}" crossorigin="anonymous"></script>
  {{ end }}
{{ end }}

Hugo renders this to something like:

<script src="/js/main.62e...df1.js" integrity="sha256-Yuh...rfE=" crossorigin="anonymous"></script>

Although most commonly used with CSS and JavaScript resources, you can use the resources.Fingerprint function with any resource type.

The hash algorithm may be one of md5, sha256 (default), sha384, or sha512.

After cryptographically hashing the resource content:

  1. The values returned by the .Permalink and .RelPermalink methods include the hash sum
  2. The resource's .Data.Integrity method returns a Subresource Integrity (SRI) value consisting of the name of the hash algorithm, one hyphen, and the base64-encoded hash sum