Re: [integrity] What should we hash?

The browser can do whatever it does right now. But for integrity
verification, it will need to undo content encodings like gzip.
 On Mar 12, 2014 11:33 PM, "Boris Zbarsky" <bzbarsky@mit.edu> wrote:

> On 3/13/14 2:27 AM, Devdatta Akhawe wrote:
>
>> I think the browser should undo the content-encoding for downloads
>> that include integrity metadata.
>>
>
> What does that mean for user-observed behavior in my "concrete example"
> cases?  If it means saving a file called foo.txt.gz which contains
> non-gzipped text, then I object.  ;)
>
> -Boris
>

Received on Thursday, 13 March 2014 16:49:14 UTC