/
824.txt
118 lines (88 loc) · 5.21 KB
/
824.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
[11] [CITE@en[Link Hashes - WHATWG Wiki]] ([TIME[2014-10-11 21:00:37 +09:00]] 版) <https://wiki.whatwg.org/wiki/Link_Hashes>
[1] [CITE@en[Subresource Integrity]]
( ([TIME[2014-03-15 05:47:19 +09:00]] 版))
<http://www.w3.org/TR/2014/WD-SRI-20140318/>
[2] [CITE@en[Subresource Integrity]]
( ([TIME[2014-05-21 09:40:41 +09:00]] 版))
<http://w3c.github.io/webappsec/specs/subresourceintegrity/>
[3] [CITE[IRC logs: freenode / #whatwg / 20140613]]
( ([TIME[2014-06-14 11:47:11 +09:00]] 版))
<http://krijnhoetmer.nl/irc-logs/whatwg/20140613#l-229>
[4] [CITE@en[Subresource Integrity]]
( ([TIME[2014-07-02 16:04:20 +09:00]] 版))
<http://w3c.github.io/webappsec/specs/subresourceintegrity/>
[5] [CITE@en[Fix old digest attribute · 80721db · w3c/webappsec]] ([TIME[2014-10-18 14:28:35 +09:00]] 版) <https://github.com/w3c/webappsec/commit/80721db13315f38d9a46dbd824fc2939619d50f0>
[6] [CITE@en[1100206 – Teach the parser about the integrity attribute]]
([TIME[2015-02-19 12:25:29 +09:00]] 版)
<https://bugzilla.mozilla.org/show_bug.cgi?id=1100206>
[7] [CITE@en[Changed integrity productions to reflect per-hash-expression options and... · w3c/webappsec@54e31a1]]
([TIME[2015-04-10 00:34:48 +09:00]] 版)
<https://github.com/w3c/webappsec/commit/54e31a12846eff424a018ce9d2078cfec798a888>
[8] [CITE@en[Got rid of MIME type references, other than note that they may be added ... · w3c/webappsec@beec679]]
([TIME[2015-04-10 00:34:59 +09:00]] 版)
<https://github.com/w3c/webappsec/commit/beec679207dbdd02231d6f7090833ecb2e1690cc>
[9] [CITE@en[Modified metadata algorithm to generate a set of strong hashes. · w3c/webappsec@7b00748]]
([TIME[2015-04-10 00:37:22 +09:00]] 版)
<https://github.com/w3c/webappsec/commit/7b00748ea09ca291215c8802a296ccda6c226d43>
[10] [CITE@en[Subresource Integrity]]
([TIME[2015-04-09 17:26:24 +09:00]] 版)
<http://www.w3.org/TR/2015/WD-SRI-20150409/>
[12] [CITE@en[Subresource Integrity]]
([TIME[2015-05-05 23:26:33 +09:00]] 版)
<http://www.w3.org/TR/2015/WD-SRI-20150505/>
[13] [CITE@en[''''''[''''''SRI'''''']'''''' Requiring CORS for SRI]]
([[Tanvi Vyas]] 著, [TIME[2015-05-07 03:17:41 +09:00]] 版)
<https://lists.w3.org/Archives/Public/public-webappsec/2015May/0023.html>
[14] [CITE[Issue 1186883003: Ship Subresource Integrity - Code Review]]
([TIME[2015-06-20 11:40:17 +09:00]] 版)
<https://codereview.chromium.org/1186883003/>
[15] [CITE@en[SRI: Shipped on tip-of-tree Chromium]]
([[Joel Weinberger]] 著, [TIME[2015-06-20 04:06:46 +09:00]] 版)
<https://lists.w3.org/Archives/Public/public-webappsec/2015Jun/0053.html>
[16] [CITE@en[Subresource Integrity]]
([TIME[2015-07-07 16:18:55 +09:00]] 版)
<http://www.w3.org/TR/2015/WD-SRI-20150707/>
[17] [CITE@en[Support integrity. Fixes #85. · whatwg/fetch@12a1a6c]]
([TIME[2015-07-24 23:05:10 +09:00]] 版)
<https://github.com/whatwg/fetch/commit/12a1a6cc539262fb5e58717047b0fcb70b38ae26>
[18] [CITE@en[Bug 148363 – Implement Subresource Integrity (SRI)]]
([TIME[2015-08-24 11:38:53 +09:00]] 版)
<https://bugs.webkit.org/show_bug.cgi?id=148363>
[19] [CITE@en[Subresource Integrity]]
([TIME[2015-09-16 22:14:01 +09:00]] 版)
<http://www.w3.org/TR/2015/WD-SRI-20150916/>
[FIG(quote)[
[FIGCAPTION[
[20] [CITE[IRC logs: freenode / #whatwg / 20150928]]
([TIME[2015-09-29 10:44:08 +09:00]] 版)
<http://krijnhoetmer.nl/irc-logs/whatwg/20150928>
]FIGCAPTION]
>
> # '''['''10:44''']''' <mkwst> terinjokes: SRI only applies to those elements because the current spec is basically a test to check that we can actually verify integrity on the wild and crazy internet.
> # '''['''10:44''']''' <mkwst> terinjokes: Basically, they decided to do the simplest thing possible, make sure it works, and then expand it based on that experience.
> # '''['''10:45''']''' <mkwst> terinjokes: Tacking `integrity` attributes onto other elements as necessary is an obvious next step.
]FIG]
[21] [CITE@en[Subresource Integrity]]
([TIME[2015-10-06 22:14:42 +09:00]] 版)
<https://w3c.github.io/webappsec-subresource-integrity/>
[22] [CITE@en[w3c/webappsec-subresource-integrity]]
([TIME[2015-10-06 23:28:21 +09:00]] 版)
<https://github.com/w3c/webappsec-subresource-integrity>
[23] [CITE@en[Subresource Integrity]]
([TIME[2015-10-06 23:13:38 +09:00]] 版)
<http://www.w3.org/TR/2015/WD-SRI-20151006/>
[24] [CITE@en[Merge pull request #4 from fmarier/simplify-eligibility-alg · w3c/webappsec-subresource-integrity@f98f344]]
([TIME[2015-10-22 11:46:04 +09:00]] 版)
<https://github.com/w3c/webappsec-subresource-integrity/commit/f98f344856977a106f2660d4e75c697102f7c057>
[25] [CITE@en[Subresource Integrity]]
( ([TIME[2015-11-12 22:23:57 +09:00]] 版))
<http://www.w3.org/TR/2015/CR-SRI-20151112/>
[26] [CITE@en[Re: ''''''[''''''SRI'''''']'''''' Unmentioned use case: caching]]
([[Joel Weinberger]] 著, [TIME[2015-12-22 00:41:02 +09:00]] 版)
<https://lists.w3.org/Archives/Public/public-webappsec/2015Dec/0042.html>
[27] [CITE@en-us[Subresource Integrity - GitHub Engineering]]
([TIME[2015-12-18 00:30:15 +09:00]] 版)
<http://githubengineering.com/subresource-integrity/>
[28] [CITE@en[''''''[''''''CSP'''''']'''''' "sri" source expression to enforce SRI]]
([[Patrick Toomey]] 著, [TIME[2015-12-22 02:34:34 +09:00]] 版)
<https://lists.w3.org/Archives/Public/public-webappsec/2015Dec/0045.html>