[Bug 20789] Signature (cryptographic hash) attribute for <script> from bugzilla@jessica.w3.org on 2013-01-28 (public-html-bugzilla@w3.org from January 2013)

From: <bugzilla@jessica.w3.org>
Date: Mon, 28 Jan 2013 02:42:04 +0000
To: public-html-bugzilla@w3.org
Message-ID: <bug-20789-2486-4pjHpw1HB5@http.www.w3.org/Bugs/Public/>

https://www.w3.org/Bugs/Public/show_bug.cgi?id=20789

--- Comment #1 from Victor Costan <costan@gmail.com> ---
I forgot to talk about failure modes.


* Failure Modes

If the signature attribute's value does not match the syntax in this
specification, or if the algorithm-id is not supported by the user agent, the
signature attribute should be ignored. The user agent can optionally log a
warning to its console.

If the hash-value in the signature attribute value does not match the value
computed for the fetched script, the user agent shall consider that the fetch
resulted in a network error. Most importantly, the user agent shall not execute
the script.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.

Received on Monday, 28 January 2013 02:42:06 UTC