From 12ea1bd89915cb1303b395bed4bd47007856a2eb Mon Sep 17 00:00:00 2001 From: Jeffrey Yasskin Date: Thu, 10 Sep 2020 11:41:52 -0700 Subject: [PATCH] Use the header-integrity of the first matching allowed-alt-sxg link. Instead of the last. --- loading.bs | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/loading.bs b/loading.bs index 609d94ac..b6078e6b 100644 --- a/loading.bs +++ b/loading.bs @@ -751,10 +751,11 @@ add the following steps: [=allowed signed exchange link info/target=], a destination of the result of [=destination/translating=] |asAttribute|, and a corsAttributeState of [=No CORS=]. - 1. If |requestForMatch| [=doesn't match the stored exchange=] - |storedExchange|, then continue. - 1. Set |headerIntegrity| to |allowedSxgLink|'s [=allowed signed - exchange link info/header integrity=]. + 1. If |requestForMatch| [=matches the stored exchange=] + |storedExchange|, then: + 1. Set |headerIntegrity| to |allowedSxgLink|'s [=allowed signed + exchange link info/header integrity=]. + 1. Break out of the |allowedSxgLinks| loop. 1. Let |prefetched alternate exchange| be null. 1. For each |sxg| of |navigationParams|'s [=navigation params/prefetched subresource signed exchanges=]: