W3C home > Mailing lists > Public > public-webappsec@w3.org > July 2012

Re: CSP 1.1: More granular source list definitions.

From: Tom Ritter <tom@ritter.vg>
Date: Mon, 2 Jul 2012 08:09:20 -0400
Message-ID: <CA+cU71kUfuqyNr0c_uPJS7vANrBtbUdC1TBtFV3oa5bTXC3X_w@mail.gmail.com>
To: Odin HÝrthe Omdal <odinho@opera.com>
Cc: public-webappsec@w3.org
On Jul 2, 2012 7:46 AM, "Odin HÝrthe Omdal" <odinho@opera.com> wrote:
> So if CSP 1.0 is allowed to live a long time in a browser, the behavior
we have now might actually be mandatory for site-compat.

Unless 1.1 adds a version parameter in the header, and the lack of it is
defined as being 1.0.

If course this will be the only opportunity to do it.

-tom
Received on Monday, 2 July 2012 12:09:47 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Monday, 2 July 2012 12:09:48 GMT