Re: SRI: Behavior when a developer fails to specify CORS

On Fri, Jun 12, 2015 at 5:21 AM, Joel Weinberger <> wrote:
> Wouldn't these examples be compatible in all the cases, since the integrity
> attribute is not defined for any of these elements?

It is defined for <script> and <link rel=stylesheet>, no? And I'm sure
it'll be defined for <img> too at some point at which point the
reasoning applies. It seems useful to consider those future cases too.


Received on Friday, 12 June 2015 07:10:22 UTC