Inline Hashes API parses your HTML to find out which hashes you need to whitelist in your CSP, when you don't allow "unsafe-inline".
This is specially helpful when you don't have complete control over the generated HTML, but you want to implement web security best practices (for example, you use a web framework that insists on using inline styles and scripts).
The API can be used in 2 ways:
Currently, it detects all relevant "inlines" for "style-src" and "script-src". Support for other directives will be added soon.
Get all inline hashes for a given public webpage.
In this endpoint, you provide the URL and the hash type you need. You get a list with the hashes of all "inlines" in it.
Required request data:
Note: Currently the API only supports `style-src` and `script-src` "inlines".
| Object | Description |
|---|---|
Request Body |
[Required] Json |
Continue with Google
Continue with Github
[
{
"directive": "script-src",
"line": 67,
"position": 0,
"inline_hash": "sha256-5b0LEPcFqvw935AmQ9uCS1LeaBIbAZaVpOd43sbJsgI="
},
{
"directive": "script-src",
"line": 82,
"position": 0,
"inline_hash": "sha256-pYERp1GFTQcj76yK8huGHJtriZpv9dsW7AdV7O+VrcQ="
},
{
"directive": "script-src",
"line": 169,
"position": 0,
"inline_hash": "sha256-JVVDOwRpMQvCZqoDwpZ1OUJ81UoJpBxumeEHC89A9PU="
},
{
"directive": "script-src",
"line": 198,
"position": 0,
"inline_hash": "sha256-P04sv6Gx4G2SNlC/BLire6NlKJJRrW+WA3R+vPzVvxk="
},
{
"directive": "script-src",
"line": 211,
"position": 0,
"inline_hash": "sha256-RK7LdSEhpwvmYMT+Jix2uBLUXxlWBpHbN6lasgC6hv8="
},
{
"directive": "style-src",
"line": 24,
"position": 4,
"inline_hash": "sha256-FkEXDP5KKSHX3NsiC7GTZPWooqOq+PWhRnOgr48PXTI="
},
{
"directive": "style-src",
"line": 31,
"position": 4,
"inline_hash": "sha256-Lhv+ra57rss0OLQnIUfbs2b64zOZselOiHlKjuyf4+o="
}
]
curl --location --request POST 'https://zylalabs.com/api/2947/inline+hashes+api/3090/fetch' --header 'Authorization: Bearer YOUR_API_KEY'
Get all inline hashes for a given HTML document.
In this endpoint, you provide the content and the hash type you need. You get a list with the hashes of all "inlines" in the document.
Required request data:
Note: Currently the API only supports `style-src` and `script-src` "inlines".
| Object | Description |
|---|---|
Request Body |
[Required] Json |
[
{
"directive": "script-src",
"inline_hash": "sha256-+dZ6udsWxNVoGfScAq7t5IIF5UJb4F6RhjbN6oe1p4w=",
"line": 1,
"position": 55
},
{
"directive": "style-src",
"inline_hash": "sha256-L0KESkAS3Sl/7JaxyYAsy7PaN1uCtBWR56D2Mu98w0M=",
"line": 1,
"position": 12
}
]
curl --location --request POST 'https://zylalabs.com/api/2947/inline+hashes+api/3091/extract' --header 'Authorization: Bearer YOUR_API_KEY'
After signing up, every developer is assigned a personal API access key, a unique combination of letters and digits provided to access to our API endpoint. To authenticate with the Inline Hashes API REST API, simply include your bearer token in the Authorization header.
| Header | Description |
|---|---|
Authorization
|
[Required] Should be Bearer access_key. See "Your API Access Key" above when you are subscribed. |
No long term commitments. One click upgrade/downgrade or cancellation. No questions asked.
Zyla API Hub is, in other words, an API MarketPlace. An all-in-one solution for your developing needs. You will be accessing our extended list of APIs with only your user. Also, you won't need to worry about storing API keys, only one API key for all our products is needed.
Prices are listed in USD. We accept all major debit and credit cards. Our payment system uses the latest security technology and is powered by Stripe, one of the worldβs most reliable payment companies. If you have any trouble with paying by card, just contact us at [email protected]
Sometimes depending on the bank's fraud protection settings, a bank will decline the validation charge we make when we attempt to be sure a card is valid. We recommend first contacting your bank to see if they are blocking our charges. If more help is needed, please contact [email protected] and our team will investigate further
Prices are based on a recurring monthly subscription depending on the plan selected β plus overage fees applied when a developer exceeds a planβs quota limits. In this example, you'll see the base plan amount as well as a quota limit of API requests. Be sure to notice the overage fee because you will be charged for each additional request.
Zyla API Hub works on a recurring monthly subscription system. Your billing cycle will start the day you purchase one of the paid plans, and it will renew the same day of the next month. So be aware to cancel your subscription beforehand if you want to avoid future charges.
Just go to the pricing page of that API and select the plan that you want to upgrade to. You will only be charged the full amount of that plan, but you will be enjoying the features that the plan offers right away.
Yes, absolutely. If you want to cancel your plan, simply go to your account and cancel on the Billing page. Upgrades, downgrades, and cancellations are immediate.
You can contact us through our chat channel to receive immediate assistance. We are always online from 9 am to 6 pm (GMT+1). If you reach us after that time, we will be in contact when we are back. Also you can contact us via email to [email protected]
Service Level:
100%
Response Time:
153ms
Service Level:
100%
Response Time:
9,350ms
Service Level:
100%
Response Time:
748ms
Service Level:
100%
Response Time:
96ms
Service Level:
100%
Response Time:
1,405ms
Service Level:
100%
Response Time:
104ms
Service Level:
100%
Response Time:
1,327ms
Service Level:
100%
Response Time:
1,469ms
Service Level:
100%
Response Time:
354ms
Service Level:
95%
Response Time:
250ms
Service Level:
100%
Response Time:
1,149ms
Service Level:
100%
Response Time:
1,542ms
Service Level:
100%
Response Time:
4,260ms
Service Level:
100%
Response Time:
1,248ms
Service Level:
100%
Response Time:
2,230ms
Service Level:
100%
Response Time:
1,175ms
Service Level:
100%
Response Time:
3,663ms
