Re: Security / Technical feedback on subresource integrity specification from Mhano Harkness on 2016-01-20 (public-webappsec@w3.org from January 2016)

From: Mhano Harkness <mhano@deltalateral.com>
Date: Wed, 20 Jan 2016 16:26:59 +1100
To: public-webappsec@w3.org
Message-ID: <CANRpNNn7dEyhe_2xnybsS27b7YBRLZvYWzWUuwj7G6eeWvzgGA@mail.gmail.com>

P.S. Should probably have made that example https...

script src="https://cdn.mysite.com/scripts/googleX.v1.9.3.j
<http://cdn.mysite.com/scripts/googleX.v1.9.3.js>s"
  noncanonical-src="https://cdn.google.com/googleX.v1.9.3.js
<http://cdn.google.com/googleX.v1.9.3.js>"
  integrity="hashAlg-hash"...

Received on Wednesday, 20 January 2016 05:27:35 UTC