[whatwg] hash Attribute
Gervase Markham
gerv at mozilla.org
Wed Nov 15 10:16:38 PST 2006
Michel Fortin wrote:
> I'm beginning to think that the link "fingerprint" method is best
> solution because the hash is more portable as part of the URL. I could
> for instance copy a fingerprinted URL right into this email:
>
> http://example.com/file#!md5!b3187253c1667fac7d20bb762ad53967
Indeed, that's one of the major use cases.
> and a knowledgeable browser receiving this URL would know how to check
> the validity of the received document. The two concerns I have with it
> is that it somewhat distorts the concept of a fragment identifier,
It does a bit; but the fragment identifier is unused for binary
downloads, so there's not much risk of a clash. Also, "!" is currently
not legal in HTML ids, AIUI.
> and
> it's generally going to be lost if there is any redirection (although a
> browser that knows about fingerprints could keep them across redirections).
Indeed. In fact, it would be a security flaw to update the identifier on
redirect.
Gerv
More information about the whatwg
mailing list