W3C home > Mailing lists > Public > public-web-security@w3.org > February 2011

Re: CSP syntax

From: gaz Heyes <gazheyes@gmail.com>
Date: Fri, 4 Feb 2011 20:47:06 +0000
Message-ID: <AANLkTik-+StfEqcZBZADziojwg47azDCBFOS3o698YBi@mail.gmail.com>
To: Lucas Adamski <ladamski@mozilla.com>
Cc: W3C Web Security Interest Group <public-web-security@w3.org>
On 4 February 2011 20:27, Lucas Adamski <ladamski@mozilla.com> wrote:

> My specific concern with JSON is that its a data format that is simply a
> child of its environment: JavaScript.  Its purpose is to escape data in such
> a way as to be reliably transmitted within, and parse by, JavaScript.
> Neither of those hold true inside an HTTP header.
>
> Can you provide some specific examples where the JSON format is "better"
> (more compact, more expressive) than the current proposal?
>

Actually I changed my mind and suggested any format in uncompressed form and
then compiling into a smaller compressed form applied inside the http header
so now the actual format you write in doesn't matter as long as it compiles
into the compressed format.
Received on Friday, 4 February 2011 20:47:38 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 4 February 2011 20:47:38 GMT