- From: Frederik Braun <fbraun@mozilla.com>
- Date: Wed, 21 Jun 2017 09:11:11 +0200
- To: public-webappsec@w3.org
Yes.
This is in the fetch spec at
<https://fetch.spec.whatwg.org/#concept-request-integrity-metadata> (and
look for other occurences of 'integrity metadata').
On 20.06.2017 08:22, Zhang, Xiaofeng wrote:
> Hello,
>
>
>
> I am not sure this is a proper place to ask the question, but no reply
> in github: https://github.com/w3c/webappsec-subresource-integrity/issues/71
>
>
>
> I am working a chromium fetch test issue, the test is to set a
> script.integrity, and then determine whether this integrity value and
> FetchEvent returned integrity value are equal.
>
> My question is that if the spec require FetchEvent return this value? I
> didn't find that here https://www.w3.org/TR/SRI/.
>
> Thanks a lot for your kindly answer!
>
>
>
> Some test code:
>
>
>
> function script_integrity_test(frame, url, integrity,
> expected_integrity)
> {
>
>
> var actual_url = url +
> (++url_count);
>
>
> expected_results[actual_url] = {
>
>
> url:
> actual_url,
>
>
> mode:
> 'no-cors',
>
>
> credentials: 'include',
>
>
> redirect:
> 'follow',
>
>
> integrity:
> expected_integrity,
>
>
> message: 'Script load (url:' + actual_url +
> ')'
>
>
> };
>
>
> return frame.contentWindow.load_script_with_integrity(actual_url,
> integrity);
>
>
> }
>
> ---------------------------
>
> function load_script_with_integrity(url, integrity) {
>
> var script = document.createElement('script');
>
> script.src = url;
>
> script.integrity = integrity;
>
> document.body.appendChild(script);
>
> }
>
> ----------------------------
>
> assert_equals(result.integrity, expected.integrity)
>
>
>
>
>
> Best Regards
>
> Xiaofeng Zhang
>
>
>
Received on Wednesday, 21 June 2017 07:11:46 UTC