resources.Fingerprint
{{ with resources.Get "js/main.js" }}
{{ with . | fingerprint "sha256" }}
<script src="{{ .RelPermalink }}" integrity="{{ .Data.Integrity }}" crossorigin="anonymous"></script>
{{ end }}
{{ end }}
Hugo renders this to something like:
<script src="/js/main.62e...df1.js" integrity="sha256-Yuh...rfE=" crossorigin="anonymous"></script>
Although most commonly used with CSS and JavaScript resources, you can use the resources.Fingerprint
function with any resource type.
The hash algorithm may be one of md5
, sha256
(default), sha384
, or sha512
.
After cryptographically hashing the resource content:
- The values returned by the
.Permalink
and.RelPermalink
methods include the hash sum - The resource's
.Data.Integrity
method returns a Subresource Integrity (SRI) value consisting of the name of the hash algorithm, one hyphen, and the base64-encoded hash sum