SubresourceIntegrity::IntegrityParseResult SubresourceIntegrity::parseIntegrityAttribute(const WTF::String& attribute, IntegrityMetadataSet& metadataSet, Document* document)
{
    Vector<UChar> characters;
    attribute.stripWhiteSpace().appendTo(characters);
    const UChar* position = characters.data();
    const UChar* end = characters.end();
    const UChar* currentIntegrityEnd;

    metadataSet.clear();
    bool error = false;

    // The integrity attribute takes the form:
    //    *WSP hash-with-options *( 1*WSP hash-with-options ) *WSP / *WSP
    // To parse this, break on whitespace, parsing each algorithm/digest/option
    // in order.
    while (position < end) {
        WTF::String digest;
        HashAlgorithm algorithm;

        skipWhile<UChar, isASCIISpace>(position, end);
        currentIntegrityEnd = position;
        skipUntil<UChar, isASCIISpace>(currentIntegrityEnd, end);

        // Algorithm parsing errors are non-fatal (the subresource should
        // still be loaded) because strong hash algorithms should be used
        // without fear of breaking older user agents that don't support
        // them.
        AlgorithmParseResult parseResult = parseAlgorithm(position, currentIntegrityEnd, algorithm);
        if (parseResult == AlgorithmUnknown) {
            // Unknown hash algorithms are treated as if they're not present,
            // and thus are not marked as an error, they're just skipped.
            skipUntil<UChar, isASCIISpace>(position, end);
            if (document) {
                logErrorToConsole("Error parsing 'integrity' attribute ('" + attribute + "'). The specified hash algorithm must be one of 'sha256', 'sha384', or 'sha512'.", *document);
                UseCounter::count(*document, UseCounter::SRIElementWithUnparsableIntegrityAttribute);
            }
            continue;
        }

        if (parseResult == AlgorithmUnparsable) {
            error = true;
            skipUntil<UChar, isASCIISpace>(position, end);
            if (document) {
                logErrorToConsole("Error parsing 'integrity' attribute ('" + attribute + "'). The hash algorithm must be one of 'sha256', 'sha384', or 'sha512', followed by a '-' character.", *document);
                UseCounter::count(*document, UseCounter::SRIElementWithUnparsableIntegrityAttribute);
            }
            continue;
        }

        ASSERT(parseResult == AlgorithmValid);

        if (!parseDigest(position, currentIntegrityEnd, digest)) {
            error = true;
            skipUntil<UChar, isASCIISpace>(position, end);
            if (document) {
                logErrorToConsole("Error parsing 'integrity' attribute ('" + attribute + "'). The digest must be a valid, base64-encoded value.", *document);
                UseCounter::count(*document, UseCounter::SRIElementWithUnparsableIntegrityAttribute);
            }
            continue;
        }

        // The spec defines a space in the syntax for options, separated by a
        // '?' character followed by unbounded VCHARs, but no actual options
        // have been defined yet. Thus, for forward compatibility, ignore any
        // options specified.
        if (skipExactly<UChar>(position, end, '?')) {
            const UChar* begin = position;
            skipWhile<UChar, isValueCharacter>(position, end);
            if (begin != position && document)
                logErrorToConsole("Ignoring unrecogized 'integrity' attribute option '" + String(begin, position - begin) + "'.", *document);
        }

        IntegrityMetadata integrityMetadata(digest, algorithm);
        metadataSet.add(integrityMetadata.toPair());
    }

    if (metadataSet.size() == 0 && error)
        return IntegrityParseNoValidResult;

    return IntegrityParseValidResult;
}