Please sign in to comment.
Make integrity="" work on module scripts
The primary normative content of this commit is that it fixes #2382 by passing the integrity metadata to the fetch call for the top-level module script, in <script type=module>. However, the way it does this is via a larger refactoring, which is setting the stage for #2315. It creates a new struct, the script fetch options, which is now shared by both module and classic scripts. Storing this for classic scripts is not currently useful, but will be for #2315 when, via import(), classic scripts are able to import module scripts, and need these fetch options to do so. This will also be useful for when we revive #2383, as <link rel=modulepreload> can have referrerpolicy="" specified on it, which will need to be passed down. (It would also be useful if we ever do w3c/webappsec-referrer-policy#96 and add referrerpolicy="" to <script>.) With this structure in place, it's a simple matter of adding a referrer policy item to the script fetch options.
- Loading branch information...
Oops, something went wrong.