- From: Neil Matatall <neilm@twitter.com>
- Date: Sat, 15 Jun 2013 02:00:46 -0400
- To: Евнгений Яременко <w3techplayground@gmail.com>
- Cc: public-webappsec@w3.org
Received on Saturday, 15 June 2013 06:01:13 UTC
This is the script-hash proposal. I would love it if we discussed this more as it has numerous benefits over a nonce as well as complications :) On Jun 15, 2013 1:11 AM, "Евнгений Яременко" <w3techplayground@gmail.com> wrote: > Is it possible to verify(whitelist) inline script block via checksum of > its logic(uniform) as alternative to "Nonce"? ie send checksum of the > allowed script via header and if inlined script checksum is the same it's > allowed to execute. >
Received on Saturday, 15 June 2013 06:01:13 UTC