A first server receives, from a client network application, a request for a network resource. The first server retrieves the requested network resource, where the requested network resource is handled by a second server that is different than the first server. The first server validates whether at least a portion of the retrieved network resource conforms to a set of one or more rules. If it does, the first server cryptographically signs the at least portion of the retrieved network resource thereby creating a digital signature. The first server transmits a response to the client network application that includes the at least the portion of the retrieved network resource and the digital signature. The client network application is configured to validate the first digital signature that validates that the portion of the network resource conforms to the set of rules.