- From: Mike West <notifications@github.com>
- Date: Wed, 19 Nov 2025 04:04:58 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <whatwg/fetch/pull/1867/review/3482342397@github.com>
@mikewest commented on this pull request. > +algorithms, and whose values are <a data-lt="structured field byte sequence">byte sequences</a> +represent a digest of the response produced via the specified algorithm. [[!UNENCODED-DIGEST]] + + +<div algorithm> +<p>To <dfn export>verify `<code>Unencoded-Digest</code>` assertions</dfn>, given a +<a>byte sequence</a> <var>bytes</var> and a <a for=/>header list</a> <var>list</var>, run these +steps: + +<ol> + <li><p>Let <var>header</var> be the result of + <a for="header list" lt="get a structured field value">getting</a> the + `<a http-header><code>Unencoded-Digest</code></a>` header as a "<code>dictionary</code>" from + <var>list</var>. + + <li><p>If <var>header</var> is null, then return <b>verified</b>. No reason we couldn't define multiple common patterns. The two I noted above (allow/block from https://fetch.spec.whatwg.org/#cross-origin-resource-policy-check, and failure from all over URL and a number of HTML algorithms) are ones I could easily find examples for. The latter in particular seems like it would benefit from putting something in Infra. Filed https://github.com/whatwg/infra/issues/686 to think about it some more. -- Reply to this email directly or view it on GitHub: https://github.com/whatwg/fetch/pull/1867#discussion_r2541720015 You are receiving this because you are subscribed to this thread. Message ID: <whatwg/fetch/pull/1867/review/3482342397@github.com>
Received on Wednesday, 19 November 2025 12:05:02 UTC