Home

Awesome

Packaging Websites

Not to be confused with webpack, this repository holds a collection of specifications aimed at packaging websites. These specifications replace the W3C TAG's Web Packaging Draft and will allow people to bundle together the resources that make up a website, so they can be shared offline, either with or without a proof that they came from the original website. A full list of use cases and resulting requirements is available in draft-yasskin-wpack-use-cases (IETF draft).

<!-- TOC --> <!-- /TOC -->

Explainers

The explainers walk through how to use these specs to achieve the use cases.

Use cases

Maintaining security and privacy constraints

Specifications

The specifications come in several layers:

  1. Signed HTTP exchanges (a.k.a. SXG) (IETF draft): These allow a browser to trust that a single HTTP request/response pair was generated by the origin it claims.

  2. Web Bundles (previously called Bundled HTTP exchanges): A collection of HTTP resources, each of which could be signed or unsigned, with some metadata describing how to interpret the bundle as a whole. This specification has an initial draft in a PR, but isn't finished yet. This work may proceed through either the IETF or the W3C/WHATWG.

    Update: This work was moved to the wpack-wg/bundled-responses repository (Web Bundles (IETF draft)) .

  3. Loading: A description of how browsers load signed exchanges. This is initially specified here, and will eventually merge into the appropriate specs, e.g. Fetch, that live in either the W3C or WHATWG. Currently this only covers signed exchanges.

  4. Subresource Loading (Explainer): A description of how browsers load a large number of resources efficiently with Web Bundles. This is initially specified here, and will eventually merge into the appropriate specs.

A previous draft of the format combined layers 1 and 2 into a single format for signed packages: draft-yasskin-dispatch-web-packaging (IETF draft). The DISPATCH WG at IETF99 recommended the current split.

Building this repository

Building the Draft

Formatted text and HTML versions of the draft can be built using make.

$ make

This requires that you have software installed as described in https://github.com/martinthomson/i-d-template/blob/main/doc/SETUP.md.

Packaging tools

Signed HTTP Exchanges

Install this with go install github.com/WICG/webpackage/go/signedexchange/cmd/... (Golang 1.18+).

See go/signedexchange for the usage of the tool.

Web Bundles

There are several tools.

Isolated Web Apps (signing with integrity block)