- From: Brandon Sterne <bsterne@mozilla.com>
- Date: Tue, 08 Mar 2011 14:50:47 -0800
- To: Adam Barth <w3c@adambarth.com>
- CC: "public-web-security@w3.org" <public-web-security@w3.org>
On 03/03/2011 01:33 PM, Adam Barth wrote: > 1) Can we switch to the more usually ABNF used by most modern spec. > For > example, here's a possible grammar for a CSP policy: > > policy = directive-list > directive-list = directive *( ";" directive ) > directive = *LWS directive-name [ LWS directive-value ] > directive-name = 1*<OCTET, except LWS and ";"> > directive-value = *<OCTET, except ";"> > > (Of course, the above might not be correct---it's just an example.) Hey Adam, Your ABNF example defines directive names and values by sequences of allowed characters, while the Mozilla grammar enumerates the list of "good directives" and makes room for "future directives" using character sequences. I'm trying to weigh the advantages of one system over the other. I imagine that the chief advantage of your syntax is that the grammar doesn't have to stay in sync with the directives section as we add new directives; it's always correct. On the other hand, it's kind of nice to have the enumerated list of valid directives in one place. I'm happy to go either way, but I'd like to give this group the opportunity to state a preference. Cheers, Brandon
Received on Tuesday, 8 March 2011 22:49:39 UTC