W3C home > Mailing lists > Public > public-web-security@w3.org > February 2011

Re: [Content Security Policy] A more modular approach

From: Jochen Eisinger <eisinger@google.com>
Date: Tue, 1 Feb 2011 13:40:31 +0100
Message-ID: <AANLkTimrXJWZT80Cw_z2AxS2yp7oZNuE82Wzp83ZWi1i@mail.gmail.com>
To: Brandon Sterne <bsterne@mozilla.com>
Cc: public-web-security@w3.org

On Mon, Jan 31, 2011 at 11:59 PM, Brandon Sterne <bsterne@mozilla.com> wrote:
> Hello everyone,
> We've heard a number of great ideas brought to the table this week and
> last and I'd like to make an attempt to incorporate those ideas in a way
> that hopefully satisfies everyone (a lofty goal!).

I might be overlooking something, but will this proposal allow for
blocking sources based on the protocol used, i.e. to support the use
case of disallowing resources served via http from and https site?

Received on Tuesday, 1 February 2011 12:41:21 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:26:18 UTC