- From: Philip Constantinou <constantinou@gmail.com>
- Date: Thu, 31 Jul 2014 18:30:55 -0700
- To: public-webappsec@w3.org
- Cc: mkwst@google.com, w3c@adambarth.com, dveditz@mozilla.com
- Message-ID: <CADj+ZFib1HoGZVkKmxc0K87xS7308B=mooCECxoapdR4+gwwpg@mail.gmail.com>
Dear W3C CSP working group - Evernote voices our strong opposition to the wording changes regarding extensions and bookmarklets in CSP1.1 and our strong support of http://lists.w3.org/Archives/Public/public-webappsec/2014Jul/0061.html. Evernote provides a free web service to over 100 million users world wide. We also provide browser extensions for Google Chrome, Safari, Internet Explorer and Opera in addition to bookmarklets which are used on other user agents. Additionally, we have ongoing development efforts on several mobile browsers. For example, the Evernote Web Clipper for Chrome is a top rated free extension installed by over 3.4 million users. We've built these extensions for the express purpose of allowing users to capture and mark up content they find on the web. To create a great user experience, our extensions insert JavaScript into the viewers page upon user request. This mechanism risks being broken by the vague extension/bookmarklet wording change proposed in CSP 1.1. We strongly believe that users should be allowed to control their own experience on the web through a choice of browser and the use of browsers extensions. Changing the CSP specification in a way that limits browser extensions operates counter to the needs of users and limits companies like ours from making the web better for everyone. Thank you for your consideration - Philip Constantinou VP of Products Evernote remember everything ps. Sending this from my personal email address because the w3.org emailing list says evernote.com is blacklisted.
Received on Sunday, 3 August 2014 12:58:25 UTC