/webappsec-subresource-integrity

Permalink
Browse files

Formatting and spelling

  • Loading branch information...
1 parent e0e4ac4 commit 95e35111fd2c428fbb67db355f58671fe3f94502 @metromoxie metromoxie committed Nov 17, 2015
Unified Split
Showing with 6 additions and 6 deletions.
  1. +3 −3 index.html
  2. +3 −3 spec.markdown
View
6 index.html
@@ -326,7 +326,7 @@ <h3 id="integrity-metadata">Integrity metadata</h3>
<p>This metadata MUST be encoded in the same format as the <code>hash-source</code> (without the single quotes)
in <a href="http://www.w3.org/TR/CSP2/#source-list-syntax">section 4.2 of the Content Security Policy Level 2 specification</a>.</p>
- <p>For example, given a script resource containing only the string "alert('Hello, world.');",
+ <p>For example, given a script resource containing only the string <code>alert(\'Hello, world.\');</code>,
an author might choose <a href="#dfn-sha-2">SHA-384</a> as a hash function.
<code>H8BRh8j48O9oYatfu5AZzq6A9RINhZO5H16dQZngK7T62em8MUt1FLm52t+eX6xO</code> is the base64-encoded
digest that results. This can be encoded as follows:</p>
@@ -507,7 +507,7 @@ <h4 id="parse-metadata">Parse <var>metadata</var>.</h4>
<li>Set <var>empty</var> to <code>false</code>.</li>
<li>If <var>token</var> is not a valid metadata, skip the remaining
steps, and proceed to the next token.</li>
- <li>Parse <var>token</var> per the grammar in <a href="#dfn-integrity-metadata">integrity metadata</a></li>
+ <li>Parse <var>token</var> per the grammar in <a href="#dfn-integrity-metadata">integrity metadata</a>.</li>
<li>Let <var>algorithm</var> be the <var>alg</var> component of
<var>token</var>.</li>
<li>If <var>algorithm</var> is a hash function recognized by the user
@@ -819,7 +819,7 @@ <h2 id="acknowledgements">Acknowledgements</h2>
Markham’s <a href="http://www.gerv.net/security/link-fingerprints/">Link Fingerprints</a> concept, as well as WHATWG’s <a href="https://wiki.whatwg.org/wiki/Link_Hashes">Link Hashes</a>.</p>
<p>A special thanks to Mike West of Google, Inc. for his invaluable contributions
-to the initial version of this spec. Additonally, Brad Hill, Anne van Kesteren,
+to the initial version of this spec. Additionally, Brad Hill, Anne van Kesteren,
Jonathan Kingston, Mark Nottingham, Dan Veditz, Eduardo Vela, Tanvi Vyas, and
Michal Zalewski provided invaluable feedback.</p>
View
6 spec.markdown
@@ -192,7 +192,7 @@ the spec may define options, such as MIME types [[!MIMETYPE]].
This metadata MUST be encoded in the same format as the `hash-source` (without the single quotes)
in [section 4.2 of the Content Security Policy Level 2 specification][csp2-section42].
-For example, given a script resource containing only the string \"alert(\'Hello, world.\');\",
+For example, given a script resource containing only the string `alert(\'Hello, world.\');`,
an author might choose [SHA-384][sha2] as a hash function.
`H8BRh8j48O9oYatfu5AZzq6A9RINhZO5H16dQZngK7T62em8MUt1FLm52t+eX6xO` is the base64-encoded
digest that results. This can be encoded as follows:
@@ -382,7 +382,7 @@ the user agent.
1. Set <var>empty</var> to `false`.
2. If <var>token</var> is not a valid metadata, skip the remaining
steps, and proceed to the next token.
- 3. Parse <var>token</var> per the grammar in [integrity metadata][]
+ 3. Parse <var>token</var> per the grammar in [integrity metadata][].
4. Let <var>algorithm</var> be the <var>alg</var> component of
<var>token</var>.
5. If <var>algorithm</var> is a hash function recognized by the user
@@ -691,7 +691,7 @@ Much of the content here is inspired heavily by Gervase
Markham's [Link Fingerprints][] concept, as well as WHATWG's [Link Hashes][].
A special thanks to Mike West of Google, Inc. for his invaluable contributions
-to the initial version of this spec. Additonally, Brad Hill, Anne van Kesteren,
+to the initial version of this spec. Additionally, Brad Hill, Anne van Kesteren,
Jonathan Kingston, Mark Nottingham, Dan Veditz, Eduardo Vela, Tanvi Vyas, and
Michal Zalewski provided invaluable feedback.

0 comments on commit 95e3511

Please sign in to comment.