Bug 172400 - Web Inspector: Add support for investigating Subresource Integrity issues
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: Web Inspector
Version: WebKit Nightly Build
Hardware: All All
: P2 Normal
Assignee: Nobody
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2017-05-19 16:37 PDT by Sam Weinig
Modified: 2017-07-08 16:31 PDT

Description Sam Weinig 2017-05-19 16:37:20 PDT
It would be nice if the web inspector could help with Subresource Integrity issues. For instance, showing the three supported digest values for <link> and <script> tag resources. Or maybe visually showing in the DOM view if a <script> or <link> tag had its resource blocked due to Subresource Integrity (and linking to it from the error message generated).
Comment 1 BJ Burg 2017-05-19 22:09:24 PDT
I'm not familiar with the use or debugging of this feature, but it sounds like something that may fail mysteriously right now. What do you have to do now to investigate an issue like this?
Comment 2 Radar WebKit Bug Importer 2017-05-19 22:09:44 PDT
<rdar://problem/32310236>
Comment 3 Sam Weinig 2017-05-20 11:46:27 PDT
(In reply to Brian Burg from comment #1)
> I'm not familiar with the use or debugging of this feature, but it sounds
> like something that may fail mysteriously right now. What do you have to do
> now to investigate an issue like this?

There are console messages that get printed out when a resource is blocked, which probably handles many cases, but it would be nice to know things like if none of the digests provided are supported or if parsing of the attribute value failed for some reason (we could conceivably add console errors for these as well, but I don't want to presuppose a solution).

It would also be nice for testing if we could generate the various expected digests for a resource, so a developer could just plop it in, though in practice, this feature will probably use server-side generation of the digest values.
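
An added example, not part of the comment above and not WebKit or Web Inspector code: a Node.js script that generates the three expected digests for a resource and reports why an `integrity` value was ignored, loaded unchecked, or blocked. The function names, verdict strings and sample values are assumptions; the parsing follows the W3C Subresource Integrity specification, and flagging a digest that does not look like base64 is an extra diagnostic assumed here.

```javascript
const { createHash } = require("node:crypto");

// Hash functions the SRI specification defines, weakest first.
const SUPPORTED = ["sha256", "sha384", "sha512"];

// Expected integrity value for each supported algorithm.
function sriDigests(body) {
  return Object.fromEntries(SUPPORTED.map((alg) =>
    [alg, `${alg}-${createHash(alg).update(body).digest("base64")}`]));
}

// Split an integrity attribute into usable entries and ignored tokens (with a reason).
function parseIntegrity(attr) {
  const usable = [], ignored = [];
  for (const token of attr.trim().split(/\s+/).filter(Boolean)) {
    const expr = token.split("?")[0]; // options after "?" are not part of the digest
    const dash = expr.indexOf("-");
    const alg = expr.slice(0, Math.max(dash, 0)).toLowerCase();
    const value = expr.slice(dash + 1);
    if (dash < 0) ignored.push({ token, reason: "malformed" });
    else if (!SUPPORTED.includes(alg)) ignored.push({ token, reason: "unsupported algorithm" });
    else if (!/^[A-Za-z0-9+\/_-]+={0,2}$/.test(value)) ignored.push({ token, reason: "invalid base64" });
    else usable.push({ alg, value: value.replace(/-/g, "+").replace(/_/g, "/") });
  }
  return { usable, ignored };
}

// With no usable metadata the resource loads unchecked; otherwise only
// digests of the strongest algorithm listed are compared.
function checkIntegrity(attr, body) {
  const { usable, ignored } = parseIntegrity(attr);
  if (usable.length === 0) return { verdict: "unchecked", ignored };
  const strongest = SUPPORTED.filter((a) => usable.some((u) => u.alg === a)).pop();
  const actual = createHash(strongest).update(body).digest("base64");
  const ok = usable.some((u) => u.alg === strongest && u.value === actual);
  return { verdict: ok ? "match" : "blocked", strongest, ignored };
}

// Constructed sample resource and attribute values, for illustration only.
const sampleBody = "console.log('hello');";
const expected = sriDigests(sampleBody);
console.log(expected);
console.log(checkIntegrity(`md5-abc= ${expected.sha256}`, sampleBody));    // match, one token ignored
console.log(checkIntegrity(`${expected.sha256} sha512-AAAA`, sampleBody)); // blocked: sha512 is compared
console.log(checkIntegrity("md5-abc= sha256", sampleBody));                // unchecked: nothing usable
```

The second and third calls show the cases that are hard to see from a generic "blocked" console message: a correct sha256 digest is overridden by a wrong sha512 one, and an attribute with no usable digest lets the resource load with no check at all.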
Comment 4 Maciej Stachowiak 2017-07-08 16:31:11 PDT
Maybe this should be in Network instead of Elements? I think the Network tab is the first place developers will look for "why didn't my script/stylesheet load". The Network tab could show the load failure and the sidebar could give details about the SRI failure. (This might mean that if you load the same resource with and without SRI we'd need two line items, since it fails one time and succeeds the second).

The console message might be a sufficient bare minimum though.