Well I'm glad you asked. In the just released Chrome 45 (and soon in an upcoming Firefox release), they have added a awesome new feature to protect your customers (and your reputation). When you link to any resources in your web page; you can now use the integrity attribute to tell the browser that this file must match this hash to load and use this file.
So <script ... integrity="sha256-some_sha256_hash"> or <link... integrity="sha384-some_sha384_hash">
The browser integrity attribute must support the sha 256, 384 and 512 hashes according to the w3 spec. For browsers that don't support this yet; then this won't do anything and the resources will load fine just like normal. But in browsers that do support this; when the browser downloads the resource it will hash it and verify the hash matches before allowing it to be used.
On Linux you can generate the hash by doing:
cat the_file_resource | openssl dgst -sha256 -binary | openssl enc -base64 -A
On Windows if you have openssl installed you can do:
type the_file_resource | openssl dgst -sha256 -binary | openssl enc -base64 -A
Or if you don't have openssl installed; you can also easily cheat by using Chrome. Just add the integrity with a bogus value; then reload the page. Chrome in the developer log will show you the computed hash for the file when it blocks it.
For the full W3 Spec: https://w3c.github.io/webappsec/specs/subresourceintegrity/