Suppose I have the following CSP policy: frame-src http://example.com Now, I have the following HTML in my page: <iframe src="http://example.com/foo.html"></iframe> Where foo.html is the following: <a href="http://mozilla.org/">Mozilla</a> What happens when the user clicks that hyperlink? In particular, does the frame-src directive stop the frame from being navigated altogether, or does it only affect loads caused by the page with the policy? AdamReceived on Thursday, 7 April 2011 23:48:55 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 7 April 2011 23:48:55 GMT