Comment #1 on issue 1072 by davidsarah.hopwood: Provide support for signed
Caja modules
http://code.google.com/p/google-caja/issues/detail?id=1072
Since the last two lines are not covered by the signature, a
signature-verifier
needs to check that they are as expected. Should we be concerned that a
verifier
will get this wrong? It seems like there are a lot of specification niggles
here,
e.g. requirements on whitespace, string quoting, etc. for the last two
lines.
Perhaps removing just the signature itself would simplify some of this,
i.e. the
signed text would be:
{{{
___.loadModule({
... cajoled stuff ...
signature: ""
});
}}}
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
