Re: [SRI] Call for Consensus: Subresource Integrity to Candidate Recommenation from Frederik Braun on 2015-10-07 (public-webappsec@w3.org from October 2015)

From: Frederik Braun <fbraun@mozilla.com>
Date: Wed, 7 Oct 2015 13:21:27 +0200
To: public-webappsec@w3.org
Message-ID: <56150037.8000205@mozilla.com>

On 07.10.2015 07:23, Anne van Kesteren wrote:
> On Tue, Oct 6, 2015 at 11:08 PM, Francois Marier <francois@mozilla.com> wrote:
>> I see two:
> 
> I also remember giving you feedback on
> https://w3c.github.io/webappsec-subresource-integrity/#is-response-eligible-for-integrity-validation.
> That it should just be a simple check on response's type and nothing
> else. Cannot locate that though. And deferring upstreaming of the
> attribute definitions does not seem great. That's where you'll get the
> real review on their definitions.
> 

I think you were looking for
<https://github.com/w3c/webappsec/pull/492#issuecomment-144974364>.

Reading the thread I had the impression that you feedback was addressed,
as you did not comment on Francois' response or the commit that followed
it
(https://github.com/w3c/webappsec/commit/86c5572a40ceda66a6fc5a9ddfe64dd2f00be478).

Received on Wednesday, 7 October 2015 11:22:04 UTC