-
There's a new W3C draft spec that seems like it falls in the domain of Dandelion Core -- basically, a checksum of the JS or CSS file being referenced gets added to an "integrity" attribute, so that yo…
pioto updated
9 years ago
-
I'm planning to host my application static resources, bundles included, on a CDN so I started tackling the problem from the [Subresources Integrity](https://developer.mozilla.org/en-US/docs/Web/Securi…
-
This ticket is to evaluate the feasibility / usefulness and integration of the Subresource integrity experimental feature (available in latests Firefox and Chrome, next major TorBrowser release) from …
-
We already support parsing and checking subresource integrity headers in https://github.com/servo/servo/blob/master/components/net/subresource_integrity.rs, but there is the [`ssri` crate](https://doc…
-
Currently the documentation for the `integrity` field:
> integrity: The [Subresource Integrity](https://w3c.github.io/webappsec-subresource-integrity/#integrity-metadata-description) checksum of th…
keith updated
2 months ago
-
There doesn't seem to be an API for this, so probably a test of some kind needs to be performed.
-
> BLAKE2 is a cryptographic hash function faster than MD5, SHA-1, SHA-2, and SHA-3, yet is at least as secure as the latest standard SHA-3. BLAKE2 has been adopted by many projects due to its high spe…
-
We should include the subresource integrity attribute for CDN hosted assets:
https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
-
https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity
-
I've got inlined JS and CSS, I should move that out.