Origin-Signed HTTP Exchanges
Allows sites to send HTTP request/response pairs (exchanges) that are authoritative for an origin, even when the server itself is not authoritative for that origin. This is part of Web Packaging, which will allow people to share web applications peer-to-peer, while offline, with proof that an app comes from its original author. This also shares some infrastructure with signature-based SRI.
Status in Chromium
Enabled by default (tracking bug) in:
- Chrome for desktop release 73
- Chrome for Android release 73
Consensus & Standardization
Last updated on 2019-04-17