W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2012

ISSUE-35: Should we add an "httpOnly" like directive to CSP to indicate that the state of this policy is not available to the script APIs?

From: Web Application Security Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Fri, 02 Nov 2012 09:08:47 +0000
Message-Id: <E1TUDF9-0008Cs-7g@nelson.w3.org>
To: public-webappsec@w3.org
ISSUE-35: Should we add an "httpOnly" like directive to CSP to indicate that the state of this policy is not available to the script APIs?

http://www.w3.org/2011/webappsec/track/issues/35

Raised by: 
On product: 
Received on Friday, 2 November 2012 09:08:51 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 2 November 2012 09:08:51 GMT