Title: Subresource Integrity (SRI) Manager
Author: Meitar
Published: <strong>5 ژوئن 2015</strong>
Last modified: 3 دسامبر 2020

---

جستجوی افزونه‌ها

This plugin **hasn’t been tested with the latest 3 major releases of WordPress**.
It may no longer be maintained or supported and may have compatibility issues when
used with more recent versions of WordPress.

![](https://s.w.org/plugins/geopattern-icon/wp-sri.svg)

# Subresource Integrity (SRI) Manager

 توسط [Meitar](https://profiles.wordpress.org/meitar/)

[دانلود](https://downloads.wordpress.org/plugin/wp-sri.zip)

 * [جزئیات](https://fa.wordpress.org/plugins/wp-sri/#description)
 * [نقد و بررسی‌ها](https://fa.wordpress.org/plugins/wp-sri/#reviews)
 *  [نصب](https://fa.wordpress.org/plugins/wp-sri/#installation)
 * [توسعه](https://fa.wordpress.org/plugins/wp-sri/#developers)

 [پشتیبانی](https://wordpress.org/support/plugin/wp-sri/)

## توضیحات

A WordPress plugin for easily adding a Subresource Integrity (SRI) declaration to
any third-party content your pages load. The standards-based `integrity` attribute
is a defense-in-depth best practice currently making its way into browsers. This
plugin closely tracks the W3C draft.

Currently, the plugin automatically detects any third-party resources (like JavaScript
libraries) and will make a SHA-256 hash of the content. It remembers this hash (
until you uninstall the plugin or delete the hash from the admin interface), and
modifies your page’s `<script>` and `<link>` elements on-the-fly. This way, your
visitor’s Web browsers can automatically ensure that the specific library you’re
using is the one they’re loading.

Using this plugin can dramatically reduce the liklihood that visitors to your site
will be strong-armed into participating in an HTTP DDoS attack. For more information,
see “[An introduction to JavaScript-based DDoS](https://blog.cloudflare.com/an-introduction-to-javascript-based-ddos/)”
by Nick Sullivan.

Future versions of this plugin will also provide an easy-to-use interface for site
administrators to maintain a customized list of resource hashes, and to trigger 
on-demand integrity checks of these resources.

This plugin is still somewhat skeletal. Feature requests and patches are welcome!
Please provide a test case with your patch. See the `tests` subdirectory for unit
tests.
 If you like this plugin, **please consider [making a donation](https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=TJLPJYXHSRBEE&lc=US&item_name=WordPress%20Subresource%20Integrity%20Plugin&item_number=wp-sri&currency_code=USD&bn=PP%2dDonationsBF%3abtn_donate_SM%2egif%3aNonHosted)
for your use of the plugin**, or better yet, contributing directly to [my’s Cyberbusking fund](http://Cyberbusking.org/).
Your support is appreciated!

## نصب

 1. Upload the unzipped `wp-sri` folder to the `/wp-content/plugins/` directory.
 2. Activate the plugin through the ‘Plugins’ menu in WordPress.

## سوالات متداول

### WP-SRI breaks my plugin/theme. How can I prevent it from blocking my assets?

If you’re a site administrator, you can manually exclude specific resources by their
URL from the Subresource Integrity Manager screen under Tools → Subresource Integrity
Manager.

If you’re a plugin or theme author, you can use the `option_wp_sri_excluded_hashes`
filter hook to dynamically whitelist assets. Please only do this for assets that
are truly personalized, that is, only for assets whose URL is always the same but
whose content is different for each user or page load.

For example, to ensure that the URL at `https://example.com/personalized_content`
is never checked for integrity with SRI attributes, use the following PHP code:

    ```
    function example_never_add_integrity_checking( $items ) {
        $items[] = 'https://example.com/personalized_content';
        return $items;
    }
    add_action( 'option_wp_sri_excluded_hashes', 'example_never_add_integrity_checking' );
    ```

Learn more [about this filter hook](https://developer.wordpress.org/reference/hooks/option_option/).

## نقد و بررسی‌ها

![](https://secure.gravatar.com/avatar/5d5c05ccdc68e0bb8e4bbf13485461c68c1faf3863fb55037bd07baab6dffc4b?
s=60&d=retro&r=g)

### 󠀁[Plugin appears to abandoned, long time no updates, appears non functional.](https://wordpress.org/support/topic/plugin-appears-to-abandoned/)󠁿

 [Kevin de Bie](https://profiles.wordpress.org/alphabootis/) 16 جولای 2024

Plugin doesn’t appear to do anything/work on any of my Wordpress 6 installations.
I have been testing with Mozzilla’s observatory.

![](https://secure.gravatar.com/avatar/41f2ec474bb37ce422d799a621a681bdb8bcd9d289a43408666b9fdd592c2c82?
s=60&d=retro&r=g)

### 󠀁[I really want to like this, but unfortunately does not work in my environment](https://wordpress.org/support/topic/i-really-want-to-like-this-but-unfortunately-does-not-work-in-my-environment/)󠁿

 [darkknight83](https://profiles.wordpress.org/darkknight83/) 17 سپتامبر 2023 2 
پاسخ

in the age of page-caching (wp-super-cache) and minification/consolidation of scripts/
styles (autoptimization), this probably needs to be hooked in after all that gets
done otherwise the hash generated won’t match. Ideally, this tests the consolidated
minimized script locally even before it gets uploaded to the CDN to cover the pathological
case that the script gets mutated at the CDN even before it gets it’s SHA hash done.

![](https://secure.gravatar.com/avatar/bd32ec9cd108d4da374f25e02a072568ef20be167ffcc318d2ca620be1435ec0?
s=60&d=retro&r=g)

### 󠀁[Works on WordPress 5.8.1](https://wordpress.org/support/topic/works-on-wordpress-5-8-1/)󠁿

 [apollosk](https://profiles.wordpress.org/apollosk/) 4 اکتبر 2021

The plugin works as advertised, out of the box. Kudos to the developers. It would
be smart to update the compatibility info, Tested up to:…

![](https://secure.gravatar.com/avatar/86aaf746e240dd4553e2cf5aea6478b9b2e7ceac62b009f231fb9ecaf05740d3?
s=60&d=retro&r=g)

### 󠀁[Plugin Conflicts with BrainTree Payments](https://wordpress.org/support/topic/plugin-conflicts-with-braintree-payments/)󠁿

 [forkenbrock](https://profiles.wordpress.org/forkenbrock/) 10 ژانویه 2021 1 پاسخ

Plugin caused my BrainTree payment gateway to fail payments.

![](https://secure.gravatar.com/avatar/02d344fe3719fefbd4438c98ac612ecfd2c3e8496fec47faaff145fbd40abc87?
s=60&d=retro&r=g)

### 󠀁[interferes with paymaent gateway](https://wordpress.org/support/topic/interferes-with-paymaent-gateway/)󠁿

 [techguysa](https://profiles.wordpress.org/techguysa/) 19 اکتبر 2020 4 پاسخ

Using the Plug in Yoco Payment Gateway by Yoco for credit cards and this plug in
prevents Yoco from poping up and then redirects to the confirm order page like if
it was an EFT when customer make payment via card. This prevents card payments. 
So I disabled it. This worked but im not sacrificing a function to kill revenue.
There must be another way had another way just cant remember what the htaccess code
was for this.

![](https://secure.gravatar.com/avatar/a62d24bec2dbb1a6364198cf1e6afc062c91f6731838dcef908a5383ffd2bca8?
s=60&d=retro&r=g)

### 󠀁[Great Plugin](https://wordpress.org/support/topic/great-plugin-27321/)󠁿

 [kiranrs](https://profiles.wordpress.org/kiranrs/) 6 آگوست 2020

I appreciate your effort for making this plugin, really helpful. But not working
for all external scripts.Still you’re my hero.

 [ خواندن تمامی 11 نقد و بررسی‌ ](https://wordpress.org/support/plugin/wp-sri/reviews/)

## توسعه دهندگان و همکاران

“Subresource Integrity (SRI) Manager” نرم افزار متن باز است. افراد زیر در این افزونه
مشارکت کرده‌اند.

مشارکت کنندگان

 *   [ Meitar ](https://profiles.wordpress.org/meitar/)
 *   [ maymay ](https://profiles.wordpress.org/maymay/)

“Subresource Integrity (SRI) Manager” به 1 زبان ترجمه شده است. با تشکر از [مترجمین](https://translate.wordpress.org/projects/wp-plugins/wp-sri/contributors)
برای همکاری و کمک‌هایشان.

[ترجمه “Subresource Integrity (SRI) Manager” به زبان شما.](https://translate.wordpress.org/projects/wp-plugins/wp-sri)

### علاقه‌ مند به توسعه هستید؟

[Browse the code](https://plugins.trac.wordpress.org/browser/wp-sri/), check out
the [SVN repository](https://plugins.svn.wordpress.org/wp-sri/), or subscribe to
the [development log](https://plugins.trac.wordpress.org/log/wp-sri/) by [RSS](https://plugins.trac.wordpress.org/log/wp-sri/?limit=100&mode=stop_on_copy&format=rss).

## گزارش تغییرات

#### Version 0.4.0

 * Stricter parsing for stylesheet tags; the `filterTag` function now requires a
   third parameter.

#### Version 0.3.0

 * [Feature](https://wordpress.org/support/topic/breaks-google-fonts?replies=2):
   Add ability to exclude URLs. Useful when SRI attributes block personalized assets.

#### Version 0.2.2

 * [Bugfix](https://github.com/fabacab/wp-sri/issues/1): Load plugin `textdomain`
   files to prepare for translation.

#### Version 0.2.1

 * Add the `crossorigin="anonymous"` attribute/value pair to modified elements to
   enable Firefox 43’s handling of integrity checks.

#### Version 0.2

 * Feature: A simple administrative interface can be found under the “Subresource
   Integrity Manager” option in your WordPress Tools menu. This interface allows
   you to view the URL and hash pairs currently known by your site, and to delete
   them. Deleting a known hash will cause WordPress to refetch and rehash the resource
   when it is next requested.

#### Version 0.1

 * Initial release.

## اطلاعات

 *  نگارش **0.4.0**
 *  Last updated **5 سال پیش**
 *  نصب‌های فعال **1,000+**
 *  نگارش وردپرس ** 4.1 یا بالاتر **
 *  Tested up to **5.6.17**
 *  زبان‌ها
 * [English (UK)](https://en-gb.wordpress.org/plugins/wp-sri/) و [English (US)](https://wordpress.org/plugins/wp-sri/).
 *  [به زبان خودتان ترجمه کنید](https://translate.wordpress.org/projects/wp-plugins/wp-sri)
 * Tags
 * [security](https://fa.wordpress.org/plugins/tags/security/)[SRI](https://fa.wordpress.org/plugins/tags/sri/)
 *  [نمایش پیشرفته](https://fa.wordpress.org/plugins/wp-sri/advanced/)

## امتیازها

 2.9 از 5 ستاره.

 *  [  امتیاز 5 5-ستاره     ](https://wordpress.org/support/plugin/wp-sri/reviews/?filter=5)
 *  [  امتیاز 0 4-ستاره     ](https://wordpress.org/support/plugin/wp-sri/reviews/?filter=4)
 *  [  امتیاز 0 3-ستاره     ](https://wordpress.org/support/plugin/wp-sri/reviews/?filter=3)
 *  [  امتیاز 1 2-ستاره     ](https://wordpress.org/support/plugin/wp-sri/reviews/?filter=2)
 *  [  امتیاز 5 1-ستاره     ](https://wordpress.org/support/plugin/wp-sri/reviews/?filter=1)

[افزودن ارزیابی من](https://wordpress.org/support/plugin/wp-sri/reviews/#new-post)

[مشاهده همه بررسی‌ها](https://wordpress.org/support/plugin/wp-sri/reviews/)

## مشارکت کنندگان

 *   [ Meitar ](https://profiles.wordpress.org/meitar/)
 *   [ maymay ](https://profiles.wordpress.org/maymay/)

## پشتیبانی

چیزی برای گفتن دارید؟ نیاز به کمک دارید؟

 [مشاهده انجمن پشتیبانی](https://wordpress.org/support/plugin/wp-sri/)

## کمک مالی

آیا تمایل دارید از پیشرفت این افزونه حمایت کنید؟

 [ کمک مالی به این افزونه ](https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=TJLPJYXHSRBEE&lc=US&item_name=WordPress%20Subresource%20Integrity%20Plugin&item_number=wp-sri&currency_code=USD&bn=PP%2dDonationsBF%3abtn_donate_SM%2egif%3aNonHosted)