W3C home > Mailing lists > Public > public-webappsec@w3.org > March 2013

CSP 1.0 copy&paste error

From: Janusz Majnert <jmajnert@gmail.com>
Date: Thu, 14 Mar 2013 09:51:23 +0100
Message-ID: <CAOeF0exvdXEFGQE7-yaK=nqsPTuyUHUUiMU_uWTLyt+_1ff8kg@mail.gmail.com>
To: public-webappsec@w3.org
Hi,
I think there's a copy&paste error in this section of the CSP 1.0
working draft: https://dvcs.w3.org/hg/content-security-policy/raw-file/tip/csp-1.0-specification.html#connect-src
The section covers "connect-src" directives, so the sentence "Whenever
[...], if the URI does not match the allowed font sources, [...]"
should read "allowed connection targets" in place of "allowed font
sources".

Regards,
Janusz Majnert
Received on Thursday, 14 March 2013 08:51:51 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:00 UTC