Re: [w3c/manifest] Update manifest spec to consider manifest updates for icon urls to be cache-control:immutable (PR #1199) from Dibyajyoti Pal on 2025-12-30 (public-webapps-github@w3.org from December 2025)

From: Dibyajyoti Pal <notifications@github.com>
Date: Tue, 30 Dec 2025 08:49:02 -0800
To: w3c/manifest <manifest@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/manifest/pull/1199/review/3618774462@github.com>

@Dp-Goog commented on this pull request.



> +            When considering a [=security-sensitive update=] for a [=manifest image resource=], 
+            the user agent SHOULD consider a [=manifest image resource=] updated
+            if the {{ImageResource/src}} member has changed. If the
+            {{ImageResource/src}} has not changed, the user agent MAY download the
+            image and check for visual differences in some cases. Finally, the user agent
+            MAY change a [=security-sensitive update=] in a [=manifest image resource=] to a
+            [=non security-sensitive update=] if the images are not significantly
+            visually different.

I like the approach of building on the previous concept to be more clearer, but it still seemed like the information was disjoint. I took your approach, but built it the following way instead:
1. Define what security and non security sensitive members are.
2. Define what security and non security sensitive updates are.
3. Define what icon updates are w.r.t. security sensitive updates and non-security sensitive ones.

PTAL if the new direction looks good!

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3c/manifest/pull/1199#discussion_r2653423184
You are receiving this because you are subscribed to this thread.

Message ID: <w3c/manifest/pull/1199/review/3618774462@github.com>

Received on Tuesday, 30 December 2025 16:49:06 UTC