[integrity]: CSS-loaded resources.

Splitting this off into a separate thread, and adding Tab (Hi, Tab!). Tab,
I'm putting words in your mouth below, please correct me if I'm
misrepresenting your opinions. :)

On Sat, Jan 11, 2014 at 4:06 PM, Anne van Kesteren <annevk@annevk.nl> wrote:

> For CSS I think we want something like integrity-url(), but maybe CSS
> should have a more generic mechanism as I suspect we want to be able
> to control more there in the long term. E.g. CORS, whether Referer is
> emitted, whether cookies are included, etc. So maybe we should have
> url() and fetch() where fetch() allows for metadata.

Tab's suggestion was something like this:

    .coolClass {
        background-image: integrity('http://example.com/img.png',

He wasn't a fan of the integrity block at the top of the file, as it would
quickly get out of sync with the resources in the file. I suggested that
build tools would be almost required for a scheme like this anyway, he was
not impressed. :)

A more generic 'fetch()' sounds interesting. I'm not sure I'd appreciate a
new CSS thing with positional arguments, and I don't know of any other CSS
thing with named parameters. *shrug* I'm not at all sure how something like
that would fit into the larger picture of CSS grammar. Tab, I assume, will
have opinions.

Mike West <mkwst@google.com>
Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91

Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany
Registergericht und -nummer: Hamburg, HRB 86891
Sitz der Gesellschaft: Hamburg
Geschäftsführer: Graham Law, Christine Elizabeth Flores
(Sorry; I'm legally required to add this exciting detail to emails. Bleh.)

Received on Saturday, 11 January 2014 18:31:11 UTC