W3C home > Mailing lists > Public > public-web-security@w3.org > February 2011

Re: CSP Directive Proposal: Sandbox

From: Brandon Sterne <bsterne@mozilla.com>
Date: Wed, 23 Feb 2011 17:18:39 -0800
Message-ID: <4D65B1EF.4020002@mozilla.com>
To: Adam Barth <w3c@adambarth.com>
CC: Daniel Veditz <dveditz@mozilla.com>, "sird@rckc.at" <sird@rckc.at>, public-web-security@w3.org
Hey Adam,

I see your comments suggesting this change and Collin's supporting them.
 I don't see how you got from there to "this group".  I'm not saying the
suggested change is without merit, but there is a case to be made
against it which Dan brought up.  I think the debate is still open.

Best,
Brandon


On 02/22/2011 07:41 PM, Adam Barth wrote:
> Oh, I meant this group.
> 
> Adam
> 
> 
> On Tue, Feb 22, 2011 at 6:24 PM, Daniel Veditz <dveditz@mozilla.com> wrote:
>> I haven't seen any consensus forming on that, maybe Adam's "we"
>> means webkit.
>>
>> On 2/22/11 1:31 AM, sird@rckc.at wrote:
>>> Oh, I wasn't aware that the "default-do-noting" was really happening.
>>>
>>> -- Eduardo
>>>
>>> On Tue, Feb 22, 2011 at 1:16 AM, Adam Barth <w3c@adambarth.com> wrote:
>>>> I don't think the situation is as tricky as you make it out to be,
>>>> especially if we go the route of an empty CSP policy not implying
>>>> inline script restrictions, which seems likely.
>>>>
>>>> Adam
Received on Thursday, 24 February 2011 01:18:06 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 24 February 2011 01:18:08 GMT