W3C home > Mailing lists > Public > public-webappsec@w3.org > October 2015

Re: [SRI] Call for Consensus: Subresource Integrity to Candidate Recommenation

From: Anne van Kesteren <annevk@annevk.nl>
Date: Thu, 22 Oct 2015 10:32:55 +0200
Message-ID: <CADnb78h5Fgb9dp2+6_8W5GeLekvfyE7Q7n++q7AoNBrHJ_k8WA@mail.gmail.com>
To: Joel Weinberger <jww@chromium.org>
Cc: Brad Hill <hillbrad@gmail.com>, Frederik Braun <fbraun@mozilla.com>, WebAppSec WG <public-webappsec@w3.org>
On Thu, Oct 22, 2015 at 1:51 AM, Joel Weinberger <jww@chromium.org> wrote:
> Anne, can you confirm that this recent pull request
> (https://github.com/w3c/webappsec-subresource-integrity/pull/4) addresses
> your concerns about isEligible()?

Yeah. Though to nit the note is not entirely correct about "cors"
since a same-origin request can have mode "cors" but will create a
normal response, not a "cors" one.

Received on Thursday, 22 October 2015 08:33:21 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:52 UTC