- From: Adam Barth <w3c@adambarth.com>
- Date: Thu, 17 Mar 2011 14:17:15 -0700
- To: Brandon Sterne <bsterne@mozilla.com>
- Cc: public-web-security@w3.org
On Thu, Mar 17, 2011 at 1:57 PM, Brandon Sterne <bsterne@mozilla.com> wrote: > On 03/17/2011 11:47 AM, Adam Barth wrote: >> 2) The spec dosen't define error handling. For example, how should >> the following parse: >> >> Content-Security-Policy: default-src 'self'; helloXgoodbye >> >> where X is %x07, for example? Also, what about >> >> Content-Security-Policy: default-src 'self'; ; > > We already specify that unrecognized directives should be ignored. > Should we simply also specify that invalid directives (per the grammar) > should be ignored? Yep, that would work. Adam
Received on Thursday, 17 March 2011 21:18:20 UTC