- From: Devdatta Akhawe <dev.akhawe@gmail.com>
- Date: Thu, 13 Mar 2014 09:48:47 -0700
- To: Boris Zbarsky <bzbarsky@mit.edu>
- Cc: Mark Nottingham <mnot@mnot.net>, public-webappsec@w3.org
Received on Thursday, 13 March 2014 16:49:14 UTC
The browser can do whatever it does right now. But for integrity verification, it will need to undo content encodings like gzip. On Mar 12, 2014 11:33 PM, "Boris Zbarsky" <bzbarsky@mit.edu> wrote: > On 3/13/14 2:27 AM, Devdatta Akhawe wrote: > >> I think the browser should undo the content-encoding for downloads >> that include integrity metadata. >> > > What does that mean for user-observed behavior in my "concrete example" > cases? If it means saving a file called foo.txt.gz which contains > non-gzipped text, then I object. ;) > > -Boris >
Received on Thursday, 13 March 2014 16:49:14 UTC