W3C home > Mailing lists > Public > public-webappsec@w3.org > October 2013

proposal: move frame-options directive out of UI safety spec into CSP 1.1

From: Daniel Veditz <dveditz@mozilla.com>
Date: Tue, 08 Oct 2013 14:54:03 -0700
Message-ID: <52547EFB.5030800@mozilla.com>
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
I'd like to move the frame-options directive out of the UI safety
speclet and into CSP proper. The X-Frame-Options header is growing in
usage across the web and I'd like its replacement to be solidified into
a spec that is actively being finished up rather than in the more
nebulous UI Safety spec.

-Dan Veditz



Received on Tuesday, 8 October 2013 21:54:31 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 8 October 2013 21:54:31 UTC