Verifying Content
Verifying Content Served from CDN
Integrity Verification
Today's the most common way to verify that you have received or downloaded the proper file is to compute a checksum and compare it against one calculated by a reliable source. SHA-512 is frequently used to compute checksums -because it is unlikely that two different files will ever have the same checksum. A checksum is a particular type of hash used to verify the integrity of a file.
Bad Data? SHA-512 and SRI To The Rescue!
Subresource Integrity (SRI) is a security feature that enables browsers to verify that the resources they fetch are delivered without unexpected manipulation. It works by providing a cryptographic hash that a fetched resource must match. This is achieved by comparing the content with a cryptographic digest contained within the surrounding HTML tag. SRI makes sure that your files have been delivered without a third party modifying them on the fly. SRI and the integrity attribute ensure that the file you linked to a page never changes. And if it does change, then the browser will reject it. Checking that code hasn’t changed is an old computer science problem with well-established solutions. SRI adopts the simplest — file hashing.
File Hashing
File hashing is taking a file and running it through an algorithm that reduces it to a short string representation, known as a hash or checksum. The process is either repeatable or reversible, so much so that if you give someone else a file along with the hash, they’d be able to run the same algorithm to check that the two match. If the file changes or the hash changes, then there’s no longer a match, and you know something is wrong and should distrust the file. When using SRI, your webpage holds the hash and the server (CDN or anywhere) holds the file. The browser downloads the file, then quickly computes it to ensure that it matches the hash in the integrity attribute. If it matches, the file is used; if not, it is blocked. This is key for any DeFi front-end to avoid allowing users to load hijacked websites and the subsequent loss of customers’ funds, such as Badger DAO’s front-end hack.
“BadgerDAO, a DeFi protocol for earning yield with tokenized Bitcoin on Ethereum, has fallen victim to an attack. The hacker reportedly added a malicious script to the protocol’s frontend website, prompting users to approve a smart contract transaction giving the script unlimited permission to drain funds from their wallets” Read more.
Using Subresource Integrity
SRI feature is easily implemented by specifying a base64-encoded cryptographic hash of a resource (file) you’re telling the browser to fetch in the value of the integrity attribute of any <script> or <link> element.
An integrity value begins with at least one string. Each string includes a prefix indicating a particular hash algorithm (currently, the allowed prefixes are sha256, sha384, and sha512), followed by a dash, ending with the actual base64-encoded hash.
AN INTEGRITY VALUE’S “HASH” PART IS, STRICTLY SPEAKING, A CRYPTOGRAPHIC DIGEST FORMED BY APPLYING A PARTICULAR HASH FUNCTION TO SOME INPUT (FOR EXAMPLE, A SCRIPT OR STYLESHEET FILE).
<script src="https://resourceid.medianetwork.cloud/jquery.min.js"
integrity="sha256-C6CB9UYIS9UJeqinPHWTHVq…" crossorigin="anonymous"></script>
Failover back to origin if the hash doesn't match
<script>window.jQuery || document.write('<script src="https://origin.com/jquery-.min.js">
<\/script>')</script>