Nice to see folks thinking along the same lines (and three years ahead of me) ;) https://github.com/tasn/webext-signed-pages – looks like Tom Hacohen already built what I wanted to verify the index page at least.
(The reason I’m looking past subresource integrity is because I need to have dynamic plugins and subresource integrity is only useful for resources you know at build time.)
@aral I'd like to explore some options for dynamic pages. There is some mention of it not being an ideal solution because the server needs to sign instead of the developer. But when the full server is trusted and in your control, does that matter? Would signing dynamic pages add any value then?
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!