Sub Resource Integrity


Our Nessus scanning is complaining about something called Sub Resource Integrity when requesting the prismic script at

Has anyone come across this before, I’m currently wondering where to even start looking.

MDN has the following

It look like something that would need to be enabled on the Prismic end.

Any pointers much appreciated



You need to add an integrity attribute to the script where you import prismic.min.js.

Something like this:

<script src=""

Hi @marcellothearcane, thanks for that … We’re using Gatsby to generate a static site with content from Prismic, so I guess we should look at trying to inject the above into the Gatsby build process, or maybe use Helmet in the source to add it … you’ve given some food for thought, so thanks.

1 Like

Hey Jason, are you still having this issue with the Nessus scanning?

This issue has been closed due to inactivity.