- From: Neil Matatall <neilm@twitter.com>
- Date: Mon, 21 Oct 2013 09:47:17 -0700
- To: Mike West <mkwst@google.com>
- Cc: Yoav Weiss <yoav@yoav.ws>, Garrett Robinson <grobinson@mozilla.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
> Is this getting into the "sub-resource integrity" use case? [1] ... Is this group still interested in/working on "subresource integrity"? Yeah, I thought that's where this might be going. Agreed, separate concern. On Mon, Oct 21, 2013 at 2:19 AM, Mike West <mkwst@google.com> wrote: > It seems like there's consensus that hashes should only apply to inline > resources. > > I do think there's a good deal of value in dealing with hashing external > resources, but I'd agree with Trevor's suggestion that that ought to be > dealt with in a separate specification. > > -mike > > -- > Mike West <mkwst@google.com> > Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91 > > Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany > Registergericht und -nummer: Hamburg, HRB 86891 > Sitz der Gesellschaft: Hamburg > Geschäftsführer: Graham Law, Christine Elizabeth Flores > > > On Sat, Oct 19, 2013 at 11:52 PM, Yoav Weiss <yoav@yoav.ws> wrote: >> >> As one of the supporters of script/style hashes, I have no use case for >> external script/style hashes, only for inline ones. >> >
Received on Monday, 21 October 2013 16:47:45 UTC