Re: [SRI] Call for Consensus: Subresource Integrity to Candidate Recommenation from Anne van Kesteren on 2015-10-22 (public-webappsec@w3.org from October 2015)

From: Anne van Kesteren <annevk@annevk.nl>
Date: Thu, 22 Oct 2015 10:32:55 +0200
To: Joel Weinberger <jww@chromium.org>
Cc: Brad Hill <hillbrad@gmail.com>, Frederik Braun <fbraun@mozilla.com>, WebAppSec WG <public-webappsec@w3.org>
Message-ID: <CADnb78h5Fgb9dp2+6_8W5GeLekvfyE7Q7n++q7AoNBrHJ_k8WA@mail.gmail.com>

On Thu, Oct 22, 2015 at 1:51 AM, Joel Weinberger <jww@chromium.org> wrote:
> Anne, can you confirm that this recent pull request
> (https://github.com/w3c/webappsec-subresource-integrity/pull/4) addresses
> your concerns about isEligible()?

Yeah. Though to nit the note is not entirely correct about "cors"
since a same-origin request can have mode "cors" but will create a
normal response, not a "cors" one.

-- 
https://annevankesteren.nl/

Received on Thursday, 22 October 2015 08:33:21 UTC