[viraptor]

It's called subresource integrity. The spec is at: https://www.w3.org/TR/SRI/

Mozilla already implements it: https://hacks.mozilla.org/2015/09/subresource-integrity-in-f...

[drinkjuice]

Does this make the browser avoid the request if it already has a cached script with that hash? If so, that would indeed be exactly what I was hoping for, except it would need to be extended for all things, not just javascript. Anyway, thanks!