W3C home > Mailing lists > Public > public-web-security@w3.org > February 2011

Re: CSP Directive Proposal: Sandbox

From: Adam Barth <w3c@adambarth.com>
Date: Wed, 23 Feb 2011 21:18:26 -0800
Message-ID: <AANLkTin81AXydD-CSKOciGi_DAyUuOsuFFFcj4E-v8KG@mail.gmail.com>
To: Brandon Sterne <bsterne@mozilla.com>
Cc: Daniel Veditz <dveditz@mozilla.com>, "sird@rckc.at" <sird@rckc.at>, public-web-security@w3.org
On Wed, Feb 23, 2011 at 5:18 PM, Brandon Sterne <bsterne@mozilla.com> wrote:
> I see your comments suggesting this change and Collin's supporting them.
>  I don't see how you got from there to "this group".  I'm not saying the
> suggested change is without merit, but there is a case to be made
> against it which Dan brought up.  I think the debate is still open.

Fair enough.  Perhaps we should continue the discussion in the other thread.

Adam


> On 02/22/2011 07:41 PM, Adam Barth wrote:
>> Oh, I meant this group.
>>
>> Adam
>>
>>
>> On Tue, Feb 22, 2011 at 6:24 PM, Daniel Veditz <dveditz@mozilla.com> wrote:
>>> I haven't seen any consensus forming on that, maybe Adam's "we"
>>> means webkit.
>>>
>>> On 2/22/11 1:31 AM, sird@rckc.at wrote:
>>>> Oh, I wasn't aware that the "default-do-noting" was really happening.
>>>>
>>>> -- Eduardo
>>>>
>>>> On Tue, Feb 22, 2011 at 1:16 AM, Adam Barth <w3c@adambarth.com> wrote:
>>>>> I don't think the situation is as tricky as you make it out to be,
>>>>> especially if we go the route of an empty CSP policy not implying
>>>>> inline script restrictions, which seems likely.
>>>>>
>>>>> Adam
>
Received on Thursday, 24 February 2011 05:27:35 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 24 February 2011 05:27:37 GMT