W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2013

Re: Updated script hash proposal (non spec text)

From: Joel Weinberger <jww@chromium.org>
Date: Tue, 26 Nov 2013 10:57:36 -0800
Message-ID: <CAHQV2Kk67i7DvA7WrtYKkmx9jpu_9O-8LpJ4GLCs0Szx4j=syQ@mail.gmail.com>
To: Garrett Robinson <grobinson@mozilla.com>
Cc: Neil Matatall <neilm@twitter.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
I, too, support the second option as well (and, in fact, that is how we've
implemented it for hashes in Chrome).

I don't suppose there's a way to specify that the '=' should only appear at
the end of the value (and there should be 2 or less)?
--Joel


On Mon, Nov 25, 2013 at 11:09 AM, Garrett Robinson <grobinson@mozilla.com>wrote:

> On 11/25/2013 01:24 PM, Neil Matatall wrote:
> > Ah yes. Oops. I support the second option as well.
> >
> > Should "1*( ALPHA / DIGIT / "+" / "/" / "=" )"  be its own
> > symbol/definition/whatever to make it clear that the values will have
> > the same rules?
>
> I was thinking of doing that, but wasn't sure how to write it in the
> spec. Can we just call it base64-value?
>
>
Received on Tuesday, 26 November 2013 18:58:06 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 26 November 2013 18:58:07 UTC