Re: [SRI] Call for Consensus: Subresource Integrity to Candidate Recommenation from Joel Weinberger on 2015-10-22 (public-webappsec@w3.org from October 2015)

From: Joel Weinberger <jww@chromium.org>
Date: Thu, 22 Oct 2015 16:20:22 +0000
To: Anne van Kesteren <annevk@annevk.nl>
Cc: Brad Hill <hillbrad@gmail.com>, Frederik Braun <fbraun@mozilla.com>, WebAppSec WG <public-webappsec@w3.org>
Message-ID: <CAHQV2Kkn2P9Pte+qzH1ucZPS=Ljh8mwZecSHT-3e2-nWGZn0bA@mail.gmail.com>

Thanks, Anne. I'll write up a fix and CC you on it.
--Joel

On Thu, Oct 22, 2015 at 1:32 AM Anne van Kesteren <annevk@annevk.nl> wrote:

> On Thu, Oct 22, 2015 at 1:51 AM, Joel Weinberger <jww@chromium.org> wrote:
> > Anne, can you confirm that this recent pull request
> > (https://github.com/w3c/webappsec-subresource-integrity/pull/4)
> addresses
> > your concerns about isEligible()?
>
> Yeah. Though to nit the note is not entirely correct about "cors"
> since a same-origin request can have mode "cors" but will create a
> normal response, not a "cors" one.
>
>
> --
> https://annevankesteren.nl/
>

Received on Thursday, 22 October 2015 16:21:00 UTC