How about SHHTP/CHTTP - Signed HTTP or Checksum HTTP
The server generates a signed version of the response returns the checksum in the header and its the browser responsibility to signed the plain text response and compare checksums, checksums failed then prompt the user if they wish to load the content!