Add sub resource integrity verification to link preloads so that resources with an integrity attribute can be preloaded with causing a double download. This feature honors the integrity attribute on link preloads for the as=script and as=style destinations.
The primary motivation for this work is that in Chrome, resources requested with subresource integrity (SRI) cannot re-use preloaded resources. This is documented in http://crbug/677022. This is because the raw bytes for a resource are discarded after the resource is encoded. Not-reusing requests from the preload cache causes a loading regression, as these resources will always be downloaded twice. A solution proposed to the W3C's Web Performance Working Group, and agreed on at TPAC 2018 by multiple vendors, was to standardize and implement support for the `integrity` attribute on link preloads. As per this feature, Chrome will support the `integrity` attribute on link preloads for as=script & as=style destinations. Support for other destinations is lower-priority, as the script and style destinations are currently the only resource types that support SRI on their own (independent of being preloaded).
Docs: https://docs.google.com/document/d/1l8y_T3z-nb0smR9EVoZ3TeEI6rGzLw74vvzWzODsnDQ https://docs.google.com/document/d/1Mv-Y18leB5kNc6GshVRx2NEZmLu7WGlnQ6OZ5Oj5vgA
Explainers: https://github.com/w3c/preload/issues/127