Editorial: change style of preload integrity metadata test #10924
Conversation
* It previously had a misplaced "; or" and an extra ";" * Move from !(A || B) to !A && !B for clarity
|
|
||
| <ul> | ||
| <li><p><var>consumerIntegrityMetadata</var> is <code data-x="">no metadata</code>;</p></li> | ||
| <li><p><var>consumerIntegrityMetadata</var> is not <code data-x="">no metadata</code>; |
There was a problem hiding this comment.
This should probably have quotes?
Though then I looked at https://w3c.github.io/webappsec-subresource-integrity/#parse-metadata and I no longer understand how this even works. I guess SRI changed underneath us or am I missing something?
There was a problem hiding this comment.
Great catch. I think it's straightforward to fix, so I pushed something. I'll be sure to update the commit message when merging.
There was a problem hiding this comment.
Presumably this should use "map is empty"?
There was a problem hiding this comment.
No, an integrity metadata is now a set of maps, so it's comparing the sets.
There was a problem hiding this comment.
Oh right, why don't they store it as algorithm -> value? Weird.
|
|
||
| <ul> | ||
| <li><p><var>consumerIntegrityMetadata</var> is <code data-x="">no metadata</code>;</p></li> | ||
| <li><p><var>consumerIntegrityMetadata</var> is not <code data-x="">no metadata</code>; |
There was a problem hiding this comment.
Presumably this should use "map is empty"?
| <p><var>consumerIntegrityMetadata</var> is equal to <var>preloadIntegrityMetadata</var>; | ||
| or</p> | ||
| <p><var>consumerIntegrityMetadata</var> is not equal to | ||
| <var>preloadIntegrityMetadata</var></p> |
There was a problem hiding this comment.
So this compares the maps? Feels a little sketchy to do that this way, but note that with this new style of parsing the XXX below is resolved as we do now ignore unknown integrity options. Not sure that is tested however and I would also be surprised if it matches implementations.
cc @noamr
There was a problem hiding this comment.
Yeah fair, this should probably use "not deeply equal" (without linking to anything, since we haven't defined that).
/links.html ( diff )