These forums are currently read-only due to receiving more spam than actual discussion. Sorry.

It is currently Sat Dec 02, 2017 4:03 pm Advanced search

Checksums for downloads

Do you think the HTML spec should do something differently? You can discuss spec feedback here, but you should send it to the WHATWG mailing list or file a bug in the W3C bugzilla for it to be considered.

Checksums for downloads

Postby mskinner » Fri Jan 18, 2013 2:33 pm

Hello all, long time no contact.

Several sites today provide MD5, SHA256, etc. checksums next to the hyperlinks for file downloads. I realise that MD5 is susceptible to collisions however this is a little unlikely for the moment.

Those who know how to use md5sum/sha1sum/sha256sum at the command line (or via some GUI utility) are most likely too time poor to do this verification for such downloads. Multitudes more just don't know how to.

If there was the option of adding a checksum attribute on hyperlinks (maybe of the format checksum="sha256|c01b39c7a35ccc3b081a3e83d2c71fa9a767ebfeb45c69f08e17dfe3ef375a7b" the web browser could possibly perform a simple check before releasing that file from the 'temporary downloads quarantine"?

For a successful file download, the file would be saved as normal immediately.
For a checksum mismatch, the user agent might warn the user (cancel or allow), or retry a couple of times first?

I guess this could also be applied to hyperlinks to HTML files as well, however this would be a problem if people put checksums on links to:

  • Dynamic HTML pages
  • Links to (this is a made up URL)

This is just an idea and there is always more to consider... like how this could be accomplished in Javascript and should it be supported in the HTTP protocol as an optional a response header? At least an extra attribute such as this would not break backward compatibility (as it would be ignored).

Maybe in some circumstances this might be useful?

Best Regards,

Posts: 116
Joined: Sun Jun 24, 2007 12:20 am
Location: Melbourne, Australia

Re: Checksums for downloads

Postby fulg » Sat Jan 19, 2013 4:15 am

Posts: 10
Joined: Mon Jun 11, 2012 10:06 pm

Return to Feedback on the Specs

Who is online

Users browsing this forum: No registered users and 1 guest