Re: [SRI] Call for Consensus: Subresource Integrity to Candidate Recommenation from Devdatta Akhawe on 2015-10-23 (public-webappsec@w3.org from October 2015)

From: Devdatta Akhawe <dev.akhawe@gmail.com>
Date: Fri, 23 Oct 2015 16:14:47 -0700
To: Joel Weinberger <jww@chromium.org>
Cc: Anne van Kesteren <annevk@annevk.nl>, Brad Hill <hillbrad@gmail.com>, Frederik Braun <fbraun@mozilla.com>, WebAppSec WG <public-webappsec@w3.org>
Message-ID: <CAPfop_1cz1t=_Lrby0aZogMoBGq738o5VJo_f24NRJ_PUM7ZXQ@mail.gmail.com>

@brad Assuming this minor issue is resolved, what are the next steps?
the cfc expired on 13 Oct 2015.

~dev

On 22 October 2015 at 09:20, Joel Weinberger <jww@chromium.org> wrote:
> Thanks, Anne. I'll write up a fix and CC you on it.
> --Joel
>
> On Thu, Oct 22, 2015 at 1:32 AM Anne van Kesteren <annevk@annevk.nl> wrote:
>>
>> On Thu, Oct 22, 2015 at 1:51 AM, Joel Weinberger <jww@chromium.org> wrote:
>> > Anne, can you confirm that this recent pull request
>> > (https://github.com/w3c/webappsec-subresource-integrity/pull/4)
>> > addresses
>> > your concerns about isEligible()?
>>
>> Yeah. Though to nit the note is not entirely correct about "cors"
>> since a same-origin request can have mode "cors" but will create a
>> normal response, not a "cors" one.
>>
>>
>> --
>> https://annevankesteren.nl/

Received on Friday, 23 October 2015 23:15:35 UTC