Re: [csswg-drafts] [css-view-transitions-2] Support same-site cross-origin view transitions (#10364) from Noam Rosenthal via GitHub on 2024-05-25 (public-css-archive@w3.org from May 2024)

From: Noam Rosenthal via GitHub <sysbot+gh@w3.org>
Date: Sat, 25 May 2024 12:06:25 +0000
To: public-css-archive@w3.org
Message-ID: <issue_comment.created-2131233136-1716638783-sysbot+gh@w3.org>

> How about adding a new [Content Security Policy (CSP)](https://w3c.github.io/webappsec-csp/) directive for this instead? That would make this feature very flexible and even allow to opt into different-site cross-origin view transitions, plus, it's a little faster than defining it in CSS because it's defined within a header and it aligns well with other CSS-related features like [`font-src`](https://w3c.github.io/webappsec-csp/#directive-font-src).
> 

Note that CSP is designed as an opt-out only, meaning any added policy can only be further restricting what precedes it or the default. It's not a good framework for something that's supposed to be restricted by default and relaxed using an opt-in. 

-- 
GitHub Notification of comment by noamr
Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/10364#issuecomment-2131233136 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Saturday, 25 May 2024 12:06:26 UTC