W3C home > Mailing lists > Public > public-webappsec@w3.org > October 2015

Re: [SRI] Call for Consensus: Subresource Integrity to Candidate Recommenation

From: Brad Hill <hillbrad@gmail.com>
Date: Mon, 26 Oct 2015 06:36:30 +0000
Message-ID: <CAEeYn8h8RNu-NU1_PW8r7D-h=nVOR_ZEKxmEos0KaRtLiYteOg@mail.gmail.com>
To: Devdatta Akhawe <dev.akhawe@gmail.com>, Joel Weinberger <jww@chromium.org>
Cc: Anne van Kesteren <annevk@annevk.nl>, Frederik Braun <fbraun@mozilla.com>, WebAppSec WG <public-webappsec@w3.org>
OK, great.  If there are no more objections, I'll make the publication
request.  It won't happen until next week because the W3C team is busy at
TPAC this week, but we are good to go.  Congrats!

On Sat, Oct 24, 2015 at 8:15 AM Devdatta Akhawe <dev.akhawe@gmail.com>
wrote:

> @brad Assuming this minor issue is resolved, what are the next steps?
> the cfc expired on 13 Oct 2015.
>
> ~dev
>
> On 22 October 2015 at 09:20, Joel Weinberger <jww@chromium.org> wrote:
> > Thanks, Anne. I'll write up a fix and CC you on it.
> > --Joel
> >
> > On Thu, Oct 22, 2015 at 1:32 AM Anne van Kesteren <annevk@annevk.nl>
> wrote:
> >>
> >> On Thu, Oct 22, 2015 at 1:51 AM, Joel Weinberger <jww@chromium.org>
> wrote:
> >> > Anne, can you confirm that this recent pull request
> >> > (https://github.com/w3c/webappsec-subresource-integrity/pull/4)
> >> > addresses
> >> > your concerns about isEligible()?
> >>
> >> Yeah. Though to nit the note is not entirely correct about "cors"
> >> since a same-origin request can have mode "cors" but will create a
> >> normal response, not a "cors" one.
> >>
> >>
> >> --
> >> https://annevankesteren.nl/
>
Received on Monday, 26 October 2015 06:37:09 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:52 UTC