Sub-Resource Integrity (SRI) is a security feature that allows browsers to verify that files they fetch (e.g., from a CDN) have been delivered without any unintended actions. It works by allowing you to provide a cryptographic hash/hash that the fetched file must match.

This enumeration property specifies whether CORS must be used when loading related images. Possible values ​​include the following two:
- anonymous: This will initiate a cross-origin request (i.e., include the Origin: HTTP header). However, it will not send any authentication information (i.e., no cookies, X.509 certificates, or HTTP basic authentication information). If the server does not provide origin credentials (does not set the Access-Control-Allow-Origin: HTTP header), the image will be poisoned and its use will be restricted.
- `use-credentials`: This will initiate a cross-origin request (i.e., include the `Origin:` HTTP header) with authentication information (sending cookies, X.509 certificates, and HTTP Basic authentication information). If the server does not provide origin credentials (without setting the `Access-Control-Allow-Origin:` HTTP header), the image will be poisoned and its use will be restricted. - When this attribute is not set, the resource will not be loaded using CORS (i.e., the `Origin:` HTTP header will not be sent), which will prevent its use in the `` element. If an invalid value is set, it will be treated as anonymous.

Chrome version 45 and above, Firefox version 43 and above, Edge version 17 and above, Safari version 11 and above, Opera version 32 and above.

Refer to the official documentation:https://www.w3.org/TR/SRI/

Due to limited server resources, online generation of integrity values ​​is no longer available. Please download the Xiaofeitu software to generate the value (free of charge).