W3C home > Mailing lists > Public > public-webappsec@w3.org > October 2012

Re: Trigger a DOM event/error when a CSP violation happens.

From: Dan Veditz <dveditz@mozilla.com>
Date: Fri, 26 Oct 2012 16:22:09 -0700
Message-ID: <508B1B21.30800@mozilla.com>
To: Eduardo' Vela <evn@google.com>
CC: John J Barton <johnjbarton@johnjbarton.com>, Adam Barth <w3c@adambarth.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On 10/26/12 4:16 PM, Eduardo' Vela wrote:
> If we can't debug the origin of the alert, it's impossible for us to
> differentiate an attack from a bug like this.

Sure, but you're more likely to get a faster fix for a bug acknowledged 
by both Mozilla and Google than to get a new DOM Event feature added to 
the next revision of the spec when we haven't even published the current 
version.
Received on Friday, 26 October 2012 23:22:38 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 26 October 2012 23:22:39 GMT