- From: Web Application Security Working Group Issue Tracker <sysbot+tracker@w3.org>
- Date: Thu, 25 Apr 2013 18:38:03 +0000
- To: public-webappsec@w3.org
webappsec-ISSUE-47: Revisit combinations of header and meta tags [CSP 1.1] http://www.w3.org/2011/webappsec/track/issues/47 Raised by: Brad Hill On product: CSP 1.1 If an expected use case of the meta tag is to allow some setup to be done before locking down the policy, the restriction preventing meta from being used in combination with a header policy may not be useful. Also, the script interfaces have similar functionality that is not restricted to the <head>. To raise on list.
Received on Thursday, 25 April 2013 18:38:08 UTC