It's probably worth highlighting that when loading resources programmatically (see example below) the cross-origin attribute is crossorigin in HTML but crossOrigin in DOM per HTM5 spec.

var script = document.createElement("script");
script.type = "text/javascript";
script.src = "https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js";
script.integrity = "sha384-tSi+YsgNwyohDGfW/VhY51IK3RKAPYDcj1sNXJ16oRAyDP++K0NCzSCUW78EMFmf";
script.crossOrigin = "anonymous";
document.getElementsByTagName("head")[0].appendChild(script);

Yeah, it would be worthwhile adding an example (or changing an example) that adds the SRI programmatically using JavaScript, just to slip this in.

Would you be willing to supply a pull request, @kravietz?