Re: Comments on Subresource integrity

Hey Watson

thanks for the email. I filed bugs for 1 and 2. They seem like easy fixes
and we will get to them soon.

Re point 3: I am not a fan of the spec (which changes slowly) defining
priority. I think we should leave this flexibility to UAs instead of
mandating priority of hash functions.


On 16 May 2015 at 10:01, Watson Ladd <> wrote:

> Dear all,
> I have several comments on the draft.
> 1: The draft does not define how to parse tokens, only split a list of
> tokens on spaces. It's clear from examples what is meant, but this
> should be made explicit.
> 2: There does not appear a way to specify multiple hashes with the
> same algorithm. This may be useful in load-balancer situations where a
> phased rollout  may mean some requests return different data from
> others.
> 3: Permitting user agents to indicate priority in mutually
> incompatible ways is not as good as specifying one useful way. The
> best way is probably a comparison function.
> Sincerely,
> Watson Ladd
> --
> "Man is born free, but everywhere he is in chains".
> --Rousseau.

Received on Monday, 18 May 2015 19:28:23 UTC