W3C home > Mailing lists > Public > public-webappsec@w3.org > July 2014

Re: SRI: <a> vs integrity

From: Daniel Veditz <dveditz@mozilla.com>
Date: Tue, 29 Jul 2014 15:35:32 -0700
Message-ID: <53D821B4.5080609@mozilla.com>
To: Eduardo Robles Elvira <edulix@agoravoting.com>, "Hill, Brad" <bhill@paypal.com>
CC: Brad Hill <hillbrad@gmail.com>, Julian Reschke <julian.reschke@gmx.de>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On 7/28/2014 4:54 PM, Eduardo Robles Elvira wrote:
> I wouldn't make them so bold and in-your-face, but the
> a-download-link-integrity use-case is not a corner-case.

Brad didn't mean downloads were "borderline" interesting, he meant it
was literally "on the border" between navigation (which we don't want to
touch) and part of the application/site (which we do want to cover with
resource integrity). We could more simply not touch anything that uses
the mechanics of navigation (clicking a link) but the download case is
important and common enough to risk making the scope of the
specification less clear. Murky or not, though, we don't want to
interfere with navigation.

-Dan Veditz
Received on Tuesday, 29 July 2014 22:36:03 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:39 UTC