- From: Garrett Robinson <grobinson@mozilla.com>
- Date: Fri, 18 Oct 2013 18:31:42 -0700
- To: public-webappsec@w3.org
On 10/18/2013 05:20 PM, Glenn Adams wrote: > Are you referring to CSP's script nonces? No, he is not. He is referring to the script hash proposal (see [1] for the latest draft) which has the same goal as nonce-source (whitelisting inline scripts/styles) but otherwise has a different design. [1] http://lists.w3.org/Archives/Public/public-webappsec/2013Sep/0053.html
Received on Saturday, 19 October 2013 01:32:11 UTC