@@ -3,16 +3,56 @@
<meta content =" text/html; charset=utf-8" http-equiv =" Content-Type"
<meta content =" width=device-width, initial-scale=1, shrink-to-fit=no" name =" viewport"
<title >Subresource Integrity</title >
- <link href = " default.css " rel = " stylesheet " type = " text/css "
- <link href =" https://www.w3.org/StyleSheets/TR/W3C-CR" rel =" stylesheet" type =" text/css"
+ <meta content = " CR " name = " w3c-status "
+ <link href =" https://www.w3.org/StyleSheets/TR/2016/ W3C-CR" rel =" stylesheet" type =" text/css"
<meta content =" Bikeshed 1.0.0" name =" generator"
-<style >
+<style >/* style-md-lists */
+
+ /* This is a weird hack for me not yet following the commonmark spec
+ regarding paragraph and lists. */
+ [data-md] > :first-child {
+ margin-top 0 ;
+ }
+ [data-md] > :last-child {
+ margin-bottom 0 ;
+ }</style >
+<style >/* style-counters */
+
+ body {
+ counter-reset
+ }
+ .issue {
+ counter-increment
+ }
+ .issue :not (.no-marker )::before {
+ content " Issue " counter (issue );
+ }
+
+ .example {
+ counter-increment
+ }
+ .example :not (.no-marker )::before {
+ content " Example " counter (example );
+ }
+ .invalid.example :not (.no-marker )::before ,
+ .illegal.example :not (.no-marker )::before {
+ content " Invalid Example" counter (example );
+ }
+
+ figure {
+ counter-increment
+ }
+ figcaption :not (.no-marker )::before {
+ content " Figure " counter (figure );
+ }</style >
+<style >/* style-dfn-panel */
+
.dfn-panel {
- display inline-block ;
position absolute ;
z-index 35 ;
height auto ;
width
+ width
max-width 300px ;
max-height 500px ;
overflow auto ;
@@ -28,29 +68,138 @@
.dfn-panel a { color black ; }
.dfn-panel a :not (:hover ) { text-decoration none !important ; border-bottom none !important ; }
.dfn-panel > b + b { margin-top 0.25em ; }
- .dfn-panel > span { display list-item ; list-style inside ; }
+ .dfn-panel ul { padding 0 ; }
+ .dfn-panel li { list-style inside ; }
.dfn-panel.activated {
display inline-block ;
position fixed ;
left .5em ;
- bottom .5 em
+ bottom 2 em
margin 0 auto ;
max-width 100 vw - 1.5em - .4em - .5em );
max-height 30 vh;
}
.dfn-paneled { cursor pointer ; }
</style >
+<style >/* style-selflinks */
+
+ .heading , .issue , .note , .example , li , dt {
+ position relative ;
+ }
+ a .self-link {
+ position absolute ;
+ top 0 ;
+ left -1 * (3.5rem - 26px ));
+ width 3.5rem - 26px );
+ height 2em ;
+ text-align center ;
+ border none ;
+ transition .2s ;
+ opacity .5 ;
+ }
+ a .self-link :hover {
+ opacity 1 ;
+ }
+ .heading > a .self-link {
+ font-size 83% ;
+ }
+ li > a .self-link {
+ left -1 * (3.5rem - 26px ) - 2em );
+ }
+ dfn > a .self-link {
+ top auto ;
+ left auto ;
+ opacity 0 ;
+ width 1.5em ;
+ height 1.5em ;
+ background gray ;
+ color white ;
+ font-style normal ;
+ transition .2s , background-color .2s , color .2s ;
+ }
+ dfn :hover > a .self-link {
+ opacity 1 ;
+ }
+ dfn > a .self-link :hover {
+ color black ;
+ }
+
+ a .self-link ::before { content " ¶"
+ .heading > a .self-link ::before { content " §"
+ dfn > a .self-link ::before { content " #" style >
+<style >/* style-autolinks */
+
+ .css.css , .property.property , .descriptor.descriptor {
+ color #005a9c ;
+ font-size inherit ;
+ font-family inherit ;
+ }
+ .css ::before , .property ::before , .descriptor ::before {
+ content " ‘"
+ }
+ .css ::after , .property ::after , .descriptor ::after {
+ content " ’"
+ }
+ .property , .descriptor {
+ /* Don't wrap property and descriptor names */
+ white-space nowrap ;
+ }
+ .type { /* CSS value <type> */
+ font-style italic ;
+ }
+ pre .property ::before , pre .property ::after {
+ content " "
+ }
+ [data-link -type="property"]::before ,
+ [data-link -type="propdesc"]::before ,
+ [data-link -type="descriptor"]::before ,
+ [data-link -type="value"]::before ,
+ [data-link -type="function"]::before ,
+ [data-link -type="at-rule"]::before ,
+ [data-link -type="selector"]::before ,
+ [data-link -type="maybe"]::before {
+ content " ‘"
+ }
+ [data-link -type="property"]::after ,
+ [data-link -type="propdesc"]::after ,
+ [data-link -type="descriptor"]::after ,
+ [data-link -type="value"]::after ,
+ [data-link -type="function"]::after ,
+ [data-link -type="at-rule"]::after ,
+ [data-link -type="selector"]::after ,
+ [data-link -type="maybe"]::after {
+ content " ’"
+ }
+
+ [data-link -type].production ::before ,
+ [data-link -type].production ::after ,
+ .prod [data-link -type]::before ,
+ .prod [data-link -type]::after {
+ content " "
+ }
+
+ [data-link -type=element],
+ [data-link -type=element-attr] {
+ font-family " DejaVu Sans Mono" monospace ;
+ font-size .9em ;
+ }
+ [data-link -type=element]::before { content " <"
+ [data-link -type=element]::after { content " >"
+
+ [data-link -type=biblio] {
+ white-space pre ;
+ }</style >
<body class =" h-entry"
<div class =" head"
- <p data-fill-with =" logo" a class =" logo" href =" http://www.w3.org/" img alt =" W3C" height =" 48" src =" https://www.w3.org/Icons/w3c_home " width =" 72" a > </p >
+ <p data-fill-with =" logo" a class =" logo" href =" http://www.w3.org/" img alt =" W3C" height =" 48" src =" https://www.w3.org/StyleSheets/TR/2016/logos/W3C " width =" 72" a > </p >
<h1 class =" p-name no-ref" id =" title" h1 >
- <h2 class =" no-num no-toc no-ref heading settled" id =" subtitle" span class =" content" time class =" dt-updated" datetime =" 2016-03-08 " >8 March 2016</time ></span ></h2 >
+ <h2 class =" no-num no-toc no-ref heading settled" id =" subtitle" span class =" content" time class =" dt-updated" datetime =" 2016-05-18 " >18 May 2016</time ></span ></h2 >
<div data-fill-with =" spec-metadata"
<dl >
<dt >This version:
- <dd ><a class =" u-url" href =" http://www.w3.org/TR/2016/CR-SRI-1-20160308 /" 20160308 /</a >
- <dt >Latest version:
+ <dd ><a class =" u-url" href =" http://www.w3.org/TR/2016/CR-SRI-1-20160518 /" 20160518 /</a >
+ <dt >Latest published version:
<dd ><a href =" http://www.w3.org/TR/SRI/" a >
<dt >Editor's Draft:
<dd ><a href =" https://w3c.github.io/webappsec-subresource-integrity/" a >
@@ -293,13 +442,13 @@ <h4 class="heading settled" data-level="1.2.1" id="resource-integrity"><span cla
</ul >
<h2 class =" heading settled" data-level =" 2" id =" terms" span class =" secno" span ><span class =" content" span ><a class =" self-link" href =" #terms" a ></h2 >
<p >This section defines several terms used throughout the document.</p >
- <p >The term <dfn class =" dfn-paneled" data-dfn-type =" dfn" data-lt = " digest " data- noexport" " id =" digest" < span class = " dfn-panel " data-deco = " " >< b >< a href = " #digest " >#digest</ a ></ b >< b >Referenced in:</ b >< span >< a href = " #ref-for-digest-1 " >3.1. Integrity metadata</ a ></ span ></ span > </dfn > refers to the base64 encoded result of
+ <p >The term <dfn class =" dfn-paneled" data-dfn-type =" dfn" data-noexport =" " id =" digest" dfn > refers to the base64 encoded result of
executing a cryptographic hash function on an arbitrary block of data.</p >
- <p >The terms <dfn data-dfn-type =" dfn" data-noexport =" " id =" origin" a class =" self-link" href =" #origin" a ></dfn >, <dfn class =" dfn-paneled" data-dfn-type =" dfn" data-lt =" cross-origin" data-noexport =" " id =" cross-origin" span class =" dfn-panel" data-deco =" " b ><a href =" #cross-origin" a ></b ><b >Referenced in:</b ><span ><a href =" #ref-for-cross-origin-1" a ></span ></span ></dfn >, and <dfn class =" dfn-paneled" data-dfn-type =" dfn" data-lt =" same-origin" data-noexport =" " id =" same-origin" span class =" dfn-panel" data-deco =" " b ><a href =" #same-origin" a ></b ><b >Referenced in:</b ><span ><a href =" #ref-for-same-origin-1" a > <a href =" #ref-for-same-origin-2" a ></span ></span ></dfn > are defined by the Origin specification. <a data-link-type =" biblio" href =" #biblio-origin" a ></p >
- <p >The <dfn class =" dfn-paneled" data-dfn-type =" dfn" data-lt =" representation data" data-noexport =" " id =" representation-data" span class =" dfn-panel" data-deco =" " b ><a href =" #representation-data" a ></b ><b >Referenced in:</b ><span ><a href =" #ref-for-representation-data-1" a > <a href =" #ref-for-representation-data-2" a ></span ></span ></dfn > and <dfn data-dfn-type =" dfn" data-noexport =" " id =" content-encoding" a class =" self-link" href =" #content-encoding" a ></dfn > of a resource
+ <p >The terms <dfn data-dfn-type =" dfn" data-noexport =" " id =" origin" a class =" self-link" href =" #origin" a ></dfn >, <dfn class =" dfn-paneled" data-dfn-type =" dfn" data-noexport =" " id =" cross-origin" dfn >, and <dfn class =" dfn-paneled" data-dfn-type =" dfn" data-noexport =" " id =" same-origin" dfn > are defined by the Origin specification. <a data-link-type =" biblio" href =" #biblio-origin" a ></p >
+ <p >The <dfn class =" dfn-paneled" data-dfn-type =" dfn" data-noexport =" " id =" representation-data" dfn > and <dfn data-dfn-type =" dfn" data-noexport =" " id =" content-encoding" a class =" self-link" href =" #content-encoding" a ></dfn > of a resource
are defined by <a href =" https://tools.ietf.org/html/rfc7231#section-3"
of RFC 7231</a >. <a data-link-type =" biblio" href =" #biblio-rfc7231" a ></p >
- <p >A <dfn class =" dfn-paneled" data-dfn-type =" dfn" data-lt =" base64 encoding" data-noexport =" " id =" base64-encoding" span class =" dfn-panel" data-deco =" " b ><a href =" #base64-encoding" a ></b ><b >Referenced in:</b ><span ><a href =" #ref-for-base64-encoding-1" a ></span ><span ><a href =" #ref-for-base64-encoding-2" a ></span ></span ></dfn > is defined in <a href =" https://tools.ietf.org/html/rfc4648#section-4" a >. <a data-link-type =" biblio" href =" #biblio-rfc4648" a ></p >
+ <p >A <dfn class =" dfn-paneled" data-dfn-type =" dfn" data-noexport =" " id =" base64-encoding" dfn > is defined in <a href =" https://tools.ietf.org/html/rfc4648#section-4" a >. <a data-link-type =" biblio" href =" #biblio-rfc4648" a ></p >
<p >The <a data-link-type =" dfn" href =" http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf#" a >, <a data-link-type =" dfn" href =" http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf#" a >, and <a data-link-type =" dfn" href =" http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf#" a > are part
of the <a data-link-type =" dfn" href =" http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf#" a > set of cryptographic hash functions defined by the
NIST. <a data-link-type =" biblio" href =" #biblio-sha2" a ></p >
@@ -314,9 +463,8 @@ <h2 class="heading settled" data-level="3" id="framework"><span class="secno">3.
resource, and transmitting that digest to a user agent so that it may be
used to verify the response.</p >
<h3 class =" heading settled" data-level =" 3.1" id =" integrity-metadata-description" span class =" secno" span ><span class =" content" span ><a class =" self-link" href =" #integrity-metadata-description" a ></h3 >
- <p >To verify the integrity of a response, a user agent requires <dfn class =" dfn-paneled" data-dfn-type =" dfn" data-lt =" integrity
-metadata" data-noexport =" " id =" integrity-metadata"
-metadata<span class="dfn-panel" data-deco=""><b><a href="#integrity-metadata">#integrity-metadata</a></b><b>Referenced in:</b><span><a href="#ref-for-integrity-metadata-1">1.2.1. Resource Integrity</a> <a href="#ref-for-integrity-metadata-2">(2)</a> <a href="#ref-for-integrity-metadata-3">(3)</a></span><span><a href="#ref-for-integrity-metadata-4">3.2. Cryptographic hash functions</a></span><span><a href="#ref-for-integrity-metadata-5">3.2.1. Agility</a></span><span><a href="#ref-for-integrity-metadata-6">3.3.3. Parse metadata</a></span><span><a href="#ref-for-integrity-metadata-7">3.5. The integrity attribute</a></span><span><a href="#ref-for-integrity-metadata-8">3.8.1. The link element for stylesheets</a></span><span><a href="#ref-for-integrity-metadata-9">3.8.2. The script element</a></span><span><a href="#ref-for-integrity-metadata-10">4. Proxies</a></span><span><a href="#ref-for-integrity-metadata-11">5.1. Non-secure contexts remain non-secure</a></span></span></dfn> as part of the <a data-link-type="dfn" href="https://fetch.spec.whatwg.org#concept-request">request</a>. This metadata consists of the
+ <p >To verify the integrity of a response, a user agent requires <dfn class =" dfn-paneled" data-dfn-type =" dfn" data-noexport =" " id =" integrity-metadata"
+metadata</dfn > as part of the <a data-link-type =" dfn" href =" https://fetch.spec.whatwg.org#concept-request" a >. This metadata consists of the
following pieces of information:</p >
<ul >
<li data-md =" "
@@ -392,7 +540,7 @@ <h4 class="heading settled" data-level="3.2.1" id="agility"><span class="secno">
<h4 class =" heading settled" data-level =" 3.2.2" id =" priority" span class =" secno" span ><span class =" content" span ><a class =" self-link" href =" #priority" a ></h4 >
<p >User agents must provide a mechanism for determining the relative priority of two
hash functions and return the empty string if the priority is equal. That is, if
-a user agent implemented a function like <dfn class =" dfn-paneled" data-dfn-type =" dfn" data-lt =" getPrioritizedHashFunction" data-noexport =" " id =" getprioritizedhashfunction" span class =" dfn-panel" data-deco =" " b ><a href =" #getprioritizedhashfunction" a ></b ><b >Referenced in:</b ><span ><a href =" #ref-for-getprioritizedhashfunction-1" a ></span ><span ><a href =" #ref-for-getprioritizedhashfunction-2" a ></span ></span ></dfn >(a,
+a user agent implemented a function like <dfn class =" dfn-paneled" data-dfn-type =" dfn" data-noexport =" " id =" getprioritizedhashfunction" dfn >(a,
b) it would return the hash function the user agent considers the most
collision-resistant. For example, <code >getPrioritizedHashFunction('sha256',
'sha512')</code > would return <code >'sha512'</code > and <code >getPrioritizedHashFunction('sha256',
@@ -457,8 +605,6 @@ <h4 class="heading settled" data-level="3.3.2" id="is-response-eligible"><span c
response to the request, so its body, too, is fully readable by the requestor.</p >
</ul >
</div >
- <p class =" note" role =" note" a data-link-type =" dfn" href =" https://fetch.spec.whatwg.org#concept-response-type" a > for data URLs will always be "opaque" for <code >script</code > and <code >link</code > elements, such URLs are never eligible for integrity
-checks. Blob URLs on the other hand are usually considered <a data-link-type =" dfn" href =" #same-origin" id =" ref-for-same-origin-2" a > and therefore are eligible for integrity checks.</p >
<h4 class =" heading settled" data-level =" 3.3.3" id =" parse-metadata" span class =" secno" span ><span class =" content" var >metadata</var ></span ><a class =" self-link" href =" #parse-metadata" a ></h4 >
<p >This algorithm accepts a string, and returns either <code >no metadata</code >, or a set of
valid hash expressions whose hash functions are understood by
@@ -575,11 +721,11 @@ <h3 class="heading settled" data-level="3.5" id="the-integrity-attribute"><span
The value of the attribute MUST be either the empty string, or at least one
valid metadata as described by the following ABNF grammar:</p >
<pre ><dfn data-dfn-type =" grammar" data-export =" " id =" grammardef-integrity-metadata" a class =" self-link" href =" #grammardef-integrity-metadata" a ></dfn > = *<a data-link-type =" grammar" href =" https://tools.ietf.org/html/rfc5234#appendix-B.1" a > <a data-link-type =" grammar" href =" #grammardef-hash-with-options" id =" ref-for-grammardef-hash-with-options-1" a > *(1*<a data-link-type =" grammar" href =" https://tools.ietf.org/html/rfc5234#appendix-B.1" a > <a data-link-type =" grammar" href =" #grammardef-hash-with-options" id =" ref-for-grammardef-hash-with-options-2" a > ) *<a data-link-type =" grammar" href =" https://tools.ietf.org/html/rfc5234#appendix-B.1" a > / *<a data-link-type =" grammar" href =" https://tools.ietf.org/html/rfc5234#appendix-B.1" a >
-<dfn class =" dfn-paneled" data-dfn-type =" grammar" data-export =" " data-lt =" hash-with-options" id =" grammardef-hash-with-options" span class =" dfn-panel" data-deco =" " b ><a href =" #grammardef-hash-with-options" a ></b ><b >Referenced in:</b ><span ><a href =" #ref-for-grammardef-hash-with-options-1" a > <a href =" #ref-for-grammardef-hash-with-options-2" a ></span ></span ></dfn > = <a data-link-type =" grammar" href =" #grammardef-hash-expression" id =" ref-for-grammardef-hash-expression-1" a > *("?" <a data-link-type =" grammar" href =" #grammardef-option-expression" id =" ref-for-grammardef-option-expression-1" a >)
-<dfn class =" dfn-paneled" data-dfn-type =" grammar" data-export =" " data-lt = " option-expression " id =" grammardef-option-expression" < span class = " dfn-panel " data-deco = " " >< b >< a href = " #grammardef-option-expression " >#grammardef-option-expression</ a ></ b >< b >Referenced in:</ b >< span >< a href = " #ref-for-grammardef-option-expression-1 " >3.5. The integrity attribute</ a ></ span ></ span > </dfn > = *<a data-link-type =" grammar" href =" https://tools.ietf.org/html/rfc5234#appendix-B.1" a >
-<dfn class =" dfn-paneled" data-dfn-type =" grammar" data-export =" " data-lt = " hash-algo " id =" grammardef-hash-algo" < span class = " dfn-panel " data-deco = " " >< b >< a href = " #grammardef-hash-algo " >#grammardef-hash-algo</ a ></ b >< b >Referenced in:</ b >< span >< a href = " #ref-for-grammardef-hash-algo-1 " >3.5. The integrity attribute</ a ></ span ></ span > </dfn > = < hash-algo production from [Content Security Policy Level 2, section 4.2]>
-<dfn class =" dfn-paneled" data-dfn-type =" grammar" data-export =" " data-lt = " base64-value " id =" grammardef-base64-value" < span class = " dfn-panel " data-deco = " " >< b >< a href = " #grammardef-base64-value " >#grammardef-base64-value</ a ></ b >< b >Referenced in:</ b >< span >< a href = " #ref-for-grammardef-base64-value-1 " >3.5. The integrity attribute</ a ></ span ></ span > </dfn > = < base64-value production from [Content Security Policy Level 2, section 4.2]>
-<dfn class =" dfn-paneled" data-dfn-type =" grammar" data-export =" " data-lt =" hash-expression" id =" grammardef-hash-expression" span class =" dfn-panel" data-deco =" " b ><a href =" #grammardef-hash-expression" a ></b ><b >Referenced in:</b ><span ><a href =" #ref-for-grammardef-hash-expression-1" a ></span ></span ></dfn > = <a data-link-type =" grammar" href =" #grammardef-hash-algo" id =" ref-for-grammardef-hash-algo-1" a > "-" <a data-link-type =" grammar" href =" #grammardef-base64-value" id =" ref-for-grammardef-base64-value-1" a >
+<dfn class =" dfn-paneled" data-dfn-type =" grammar" data-export =" " id =" grammardef-hash-with-options" dfn > = <a data-link-type =" grammar" href =" #grammardef-hash-expression" id =" ref-for-grammardef-hash-expression-1" a > *("?" <a data-link-type =" grammar" href =" #grammardef-option-expression" id =" ref-for-grammardef-option-expression-1" a >)
+<dfn class =" dfn-paneled" data-dfn-type =" grammar" data-export =" " id =" grammardef-option-expression" dfn > = *<a data-link-type =" grammar" href =" https://tools.ietf.org/html/rfc5234#appendix-B.1" a >
+<dfn class =" dfn-paneled" data-dfn-type =" grammar" data-export =" " id =" grammardef-hash-algo" dfn > = < hash-algo production from [Content Security Policy Level 2, section 4.2]>
+<dfn class =" dfn-paneled" data-dfn-type =" grammar" data-export =" " id =" grammardef-base64-value" dfn > = < base64-value production from [Content Security Policy Level 2, section 4.2]>
+<dfn class =" dfn-paneled" data-dfn-type =" grammar" data-export =" " id =" grammardef-hash-expression" dfn > = <a data-link-type =" grammar" href =" #grammardef-hash-algo" id =" ref-for-grammardef-hash-algo-1" a > "-" <a data-link-type =" grammar" href =" #grammardef-base64-value" id =" ref-for-grammardef-base64-value-1" a >
</pre >
<p >The <code >integrity</code > IDL attribute must <a data-link-type =" dfn" href =" http://www.w3.org/TR/html5/infrastructure.html#reflect" a > the <code >integrity</code > content attribute.</p >
<p ><code >option-expression</code >s are associated on a per <code >hash-expression</code > basis and are
@@ -593,15 +739,15 @@ <h3 class="heading settled" data-level="3.5" id="the-integrity-attribute"><span
<h3 class =" heading settled" data-level =" 3.6" id =" interface-extensions" span class =" secno" span ><span class =" content" span ><a class =" self-link" href =" #interface-extensions" a ></h3 >
<h4 class =" heading settled" data-level =" 3.6.1" id =" HTMLLinkElement" span class =" secno" span ><span class =" content" span ><a class =" self-link" href =" #HTMLLinkElement" a ></h4 >
<pre class =" idl def" a class =" idl-code" data-link-type =" interface" href =" https://html.spec.whatwg.org/multipage/semantics.html#htmllinkelement" a > {
- attribute DOMString <dfn class =" idl-code" data-dfn-for =" HTMLLinkElement" data-dfn-type =" attribute" data-export =" " data-type =" DOMString " id =" dom-htmllinkelement-integrity" a class =" self-link" href =" #dom-htmllinkelement-integrity" a ></dfn >;
+ attribute DOMString <dfn class =" idl-code" data-dfn-for =" HTMLLinkElement" data-dfn-type =" attribute" data-export =" " data-type =" DOMString" id =" dom-htmllinkelement-integrity" a class =" self-link" href =" #dom-htmllinkelement-integrity" a ></dfn >;
};
</pre >
<h5 class =" heading settled" data-level =" 3.6.1.1" id =" HTMLLinkElement-Attributes" span class =" secno" span ><span class =" content" span ><a class =" self-link" href =" #HTMLLinkElement-Attributes" a ></h5 >
<b >integrity</b > of type <code >DOMString</code >: The value of this element’s integrity
attribute.
<h4 class =" heading settled" data-level =" 3.6.2" id =" HTMLScriptElement" span class =" secno" span ><span class =" content" span ><a class =" self-link" href =" #HTMLScriptElement" a ></h4 >
<pre class =" idl def" a class =" idl-code" data-link-type =" interface" href =" https://html.spec.whatwg.org/multipage/scripting.html#htmlscriptelement" a > {
- attribute DOMString <dfn class =" idl-code" data-dfn-for =" HTMLScriptElement" data-dfn-type =" attribute" data-export =" " data-type =" DOMString " id =" dom-htmlscriptelement-integrity" a class =" self-link" href =" #dom-htmlscriptelement-integrity" a ></dfn >;
+ attribute DOMString <dfn class =" idl-code" data-dfn-for =" HTMLScriptElement" data-dfn-type =" attribute" data-export =" " data-type =" DOMString" id =" dom-htmlscriptelement-integrity" a class =" self-link" href =" #dom-htmlscriptelement-integrity" a ></dfn >;
};
</pre >
<h5 class =" heading settled" data-level =" 3.6.2.1" id =" HTMLScriptElement-Attributes" span class =" secno" span ><span class =" content" span ><a class =" self-link" href =" #HTMLScriptElement-Attributes" a ></h5 >
@@ -751,20 +897,20 @@ <h3 class="no-num no-ref heading settled" id="index-defined-here"><span class="c
<h3 class =" no-num no-ref heading settled" id =" index-defined-elsewhere" span class =" content" span ><a class =" self-link" href =" #index-defined-elsewhere" a ></h3 >
<ul class =" index"
<li >
- <a data-link-type =" biblio" href = " #biblio-abnf " a > defines the following terms:
+ <a data-link-type =" biblio" a > defines the following terms:
<ul >
<li ><a href =" https://tools.ietf.org/html/rfc5234#appendix-B.1" a >
<li ><a href =" https://tools.ietf.org/html/rfc5234#appendix-B.1" a >
</ul >
<li >
- <a data-link-type =" biblio" href = " #biblio-fetch " a > defines the following terms:
+ <a data-link-type =" biblio" a > defines the following terms:
<ul >
<li ><a href =" https://fetch.spec.whatwg.org#concept-fetch" a >
<li ><a href =" https://fetch.spec.whatwg.org#concept-request" a >
<li ><a href =" https://fetch.spec.whatwg.org#concept-response-type" a >
</ul >
<li >
- <a data-link-type =" biblio" href = " #biblio-html5 " >[html5 ]</a > defines the following terms:
+ <a data-link-type =" biblio" >[HTML5 ]</a > defines the following terms:
<ul >
<li ><a href =" http://www.w3.org/TR/html5/infrastructure.html#cors-settings-attributes" a >
<li ><a href =" http://www.w3.org/TR/html5/document-metadata.html#concept-link-obtain" a >
@@ -773,26 +919,26 @@ <h3 class="no-num no-ref heading settled" id="index-defined-elsewhere"><span cla
<li ><a href =" http://www.w3.org/TR/html5/infrastructure.html#split-a-string-on-spaces" a >
</ul >
<li >
- <a data-link-type =" biblio" href = " #biblio-rfc7234 " a > defines the following terms:
+ <a data-link-type =" biblio" a > defines the following terms:
<ul >
<li ><a href =" https://tools.ietf.org/html/rfc7234#section-5.2" a >
<li ><a href =" https://tools.ietf.org/html/rfc7234#section-5.2.1.6" a >
</ul >
<li >
- <a data-link-type =" biblio" href = " #biblio-secure-contexts " a > defines the following terms:
+ <a data-link-type =" biblio" a > defines the following terms:
<ul >
<li ><a href =" " http://www.w3.org/TR/powerful-features/" #secure-context" a >
</ul >
<li >
- <a data-link-type =" biblio" href = " #biblio-sha2 " a > defines the following terms:
+ <a data-link-type =" biblio" a > defines the following terms:
<ul >
<li ><a href =" http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf#" a >
<li ><a href =" http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf#" a >
<li ><a href =" http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf#" a >
<li ><a href =" http://csrc.nist.gov/publications/fips/fips180-4/fips-180-4.pdf#" a >
</ul >
<li >
- <a data-link-type =" biblio" href = " #biblio-html " a > defines the following terms:
+ <a data-link-type =" biblio" a > defines the following terms:
<ul >
<li ><a href =" https://html.spec.whatwg.org/multipage/semantics.html#htmllinkelement" a >
<li ><a href =" https://html.spec.whatwg.org/multipage/scripting.html#htmlscriptelement" a >
@@ -841,26 +987,110 @@ <h3 class="no-num no-ref heading settled" id="informative"><span class="content"
</dl >
<h2 class =" no-num no-ref heading settled" id =" idl-index" span class =" content" span ><a class =" self-link" href =" #idl-index" a ></h2 >
<pre class =" idl def" a class =" idl-code" data-link-type =" interface" href =" https://html.spec.whatwg.org/multipage/semantics.html#htmllinkelement" a > {
- attribute DOMString <a data-type =" DOMString " href =" #dom-htmllinkelement-integrity" a >;
+ attribute DOMString <a data-type =" DOMString" href =" #dom-htmllinkelement-integrity" a >;
};
partial interface <a class =" idl-code" data-link-type =" interface" href =" https://html.spec.whatwg.org/multipage/scripting.html#htmlscriptelement" a > {
- attribute DOMString <a data-type =" DOMString " href =" #dom-htmlscriptelement-integrity" a >;
+ attribute DOMString <a data-type =" DOMString" href =" #dom-htmlscriptelement-integrity" a >;
};
</pre >
-<script >
+ <aside class =" dfn-panel" data-for =" digest"
+ <b ><a href =" #digest" a ></b ><b >Referenced in:</b >
+ <ul >
+ <li ><a href =" #ref-for-digest-1" a >
+ </ul >
+ </aside >
+ <aside class =" dfn-panel" data-for =" cross-origin"
+ <b ><a href =" #cross-origin" a ></b ><b >Referenced in:</b >
+ <ul >
+ <li ><a href =" #ref-for-cross-origin-1" a >
+ </ul >
+ </aside >
+ <aside class =" dfn-panel" data-for =" same-origin"
+ <b ><a href =" #same-origin" a ></b ><b >Referenced in:</b >
+ <ul >
+ <li ><a href =" #ref-for-same-origin-1" a >
+ </ul >
+ </aside >
+ <aside class =" dfn-panel" data-for =" representation-data"
+ <b ><a href =" #representation-data" a ></b ><b >Referenced in:</b >
+ <ul >
+ <li ><a href =" #ref-for-representation-data-1" a > <a href =" #ref-for-representation-data-2" a >
+ </ul >
+ </aside >
+ <aside class =" dfn-panel" data-for =" base64-encoding"
+ <b ><a href =" #base64-encoding" a ></b ><b >Referenced in:</b >
+ <ul >
+ <li ><a href =" #ref-for-base64-encoding-1" a >
+ <li ><a href =" #ref-for-base64-encoding-2" a >
+ </ul >
+ </aside >
+ <aside class =" dfn-panel" data-for =" integrity-metadata"
+ <b ><a href =" #integrity-metadata" a ></b ><b >Referenced in:</b >
+ <ul >
+ <li ><a href =" #ref-for-integrity-metadata-1" a > <a href =" #ref-for-integrity-metadata-2" a > <a href =" #ref-for-integrity-metadata-3" a >
+ <li ><a href =" #ref-for-integrity-metadata-4" a >
+ <li ><a href =" #ref-for-integrity-metadata-5" a >
+ <li ><a href =" #ref-for-integrity-metadata-6" a >
+ <li ><a href =" #ref-for-integrity-metadata-7" a >
+ <li ><a href =" #ref-for-integrity-metadata-8" a >
+ <li ><a href =" #ref-for-integrity-metadata-9" a >
+ <li ><a href =" #ref-for-integrity-metadata-10" a >
+ <li ><a href =" #ref-for-integrity-metadata-11" a >
+ </ul >
+ </aside >
+ <aside class =" dfn-panel" data-for =" getprioritizedhashfunction"
+ <b ><a href =" #getprioritizedhashfunction" a ></b ><b >Referenced in:</b >
+ <ul >
+ <li ><a href =" #ref-for-getprioritizedhashfunction-1" a >
+ <li ><a href =" #ref-for-getprioritizedhashfunction-2" a >
+ </ul >
+ </aside >
+ <aside class =" dfn-panel" data-for =" grammardef-hash-with-options"
+ <b ><a href =" #grammardef-hash-with-options" a ></b ><b >Referenced in:</b >
+ <ul >
+ <li ><a href =" #ref-for-grammardef-hash-with-options-1" a > <a href =" #ref-for-grammardef-hash-with-options-2" a >
+ </ul >
+ </aside >
+ <aside class =" dfn-panel" data-for =" grammardef-option-expression"
+ <b ><a href =" #grammardef-option-expression" a ></b ><b >Referenced in:</b >
+ <ul >
+ <li ><a href =" #ref-for-grammardef-option-expression-1" a >
+ </ul >
+ </aside >
+ <aside class =" dfn-panel" data-for =" grammardef-hash-algo"
+ <b ><a href =" #grammardef-hash-algo" a ></b ><b >Referenced in:</b >
+ <ul >
+ <li ><a href =" #ref-for-grammardef-hash-algo-1" a >
+ </ul >
+ </aside >
+ <aside class =" dfn-panel" data-for =" grammardef-base64-value"
+ <b ><a href =" #grammardef-base64-value" a ></b ><b >Referenced in:</b >
+ <ul >
+ <li ><a href =" #ref-for-grammardef-base64-value-1" a >
+ </ul >
+ </aside >
+ <aside class =" dfn-panel" data-for =" grammardef-hash-expression"
+ <b ><a href =" #grammardef-hash-expression" a ></b ><b >Referenced in:</b >
+ <ul >
+ <li ><a href =" #ref-for-grammardef-hash-expression-1" a >
+ </ul >
+ </aside >
+<script >/* script-dfn-panel */
+
document .body .addEventListener (" click" function (e ) {
var queryAll = function (sel ) { return [].slice .call (document .querySelectorAll (sel)); }
// Find the dfn element or panel, if any, that was clicked on.
var el = e .target ;
var target;
+ var hitALink = false ;
while (el .parentElement ) {
- if (el .tagName == " DFN "
- target = " dfn" ;
- break ;
+ if (el .tagName == " A "
+ // Clicking on a link in a < dfn> shouldn't summon the panel
+ hitALink = true ;
}
- if (/ H \d / . test ( el .tagName ) && el . getAttribute ( ' data- dfn-type ' ) != null ) {
+ if (el .classList . contains ( " dfn-paneled " ) ) {
target = " dfn"
break ;
}
@@ -877,15 +1107,29 @@ <h2 class="no-num no-ref heading settled" id="idl-index"><span class="content">I
el .classList .remove (" activated"
});
}
- if (target == " dfn"
+ if (target == " dfn" && ! hitALink ) {
// open the panel
- var dfnPanel = el .querySelector (" .dfn-panel"
+ var dfnPanel = document .querySelector (" .dfn-panel[data-for=' " + el . id + " '] "
if (dfnPanel) {
+ console .log (dfnPanel);
dfnPanel .classList .add (" on"
+ var rect = el .getBoundingClientRect ();
+ dfnPanel .style .left = window .scrollX + rect .right + 5 + " px"
+ dfnPanel .style .top = window .scrollY + rect .top + " px"
+ var panelRect = dfnPanel .getBoundingClientRect ();
+ var panelWidth = panelRect .right - panelRect .left ;
+ if (panelRect .right > document .body .scrollWidth && (rect .left - (panelWidth + 5 )) > 0 ) {
+ // Reposition, because the panel is overflowing
+ dfnPanel .style .left = window .scrollX + rect .left - (panelWidth + 5 ) + " px"
+ }
+ } else {
+ console .log (" Couldn't find .dfn-panel[data-for='" + el .id + " ']"
}
} else if (target == " dfn-panel"
// Switch it to "activated" state, which pins it.
el .classList .add (" activated"
+ el .style .left = null ;
+ el .style .top = null ;
}
});
0 comments on commit
ef5f92b