Detect SRI failures.

sri.js

var observer = window.MutationObserver || window.WebKitMutationObserver;
if (observer) {
  new MutationObserver(function(mutations) {
    mutations.forEach(function(mutation) {
      mutation.addedNodes.forEach(processNode);
    });
  }).observe(document, { childList: true, subtree: true });
}

var processNode = function(node) {
  var tagName = node.tagName ? node.tagName.toLowerCase() : '';
  if (tagName === 'script' || tagName === 'link') {
    if (!node.onerror) {
      node.onerror = function(error) {
        console.log("Got an error!");
        console.log("Page: " + error.srcElement.baseURI);
        console.log("Asset: " + error.srcElement.src);
        console.log("Integrity: " + error.srcElement.integrity);
        console.log("Element: " + error.srcElement.outerHTML);
        console.log("Message: " /*+ ???*/);
        console.log(error);
      }
    }
  }
}

The intended purpose of the script is to reliably detect SRI failures on link and script tags.

I have a demo page setup here with an SRI failure for demonstration: https://scotthelme.co.uk/p/0576f1af-7540-49ba-9469-9e2a3fe1f634/

If you'd like info on what SRI is, see here: https://scotthelme.co.uk/subresource-integrity/