- From: Brandon Sterne <bsterne@mozilla.com>
- Date: Mon, 11 Apr 2011 15:22:48 -0700
- To: Adam Barth <w3c@adambarth.com>
- CC: public-web-security@w3.org
On 3/17/11 2:17 PM, Adam Barth wrote: > On Thu, Mar 17, 2011 at 1:57 PM, Brandon Sterne <bsterne@mozilla.com> wrote: >> On 03/17/2011 11:47 AM, Adam Barth wrote: >>> 2) The spec dosen't define error handling. For example, how should >>> the following parse: >>> >>> Content-Security-Policy: default-src 'self'; helloXgoodbye >>> >>> where X is %x07, for example? Also, what about >>> >>> Content-Security-Policy: default-src 'self'; ; >> >> We already specify that unrecognized directives should be ignored. >> Should we simply also specify that invalid directives (per the grammar) >> should be ignored? > > Yep, that would work. > > Adam I pushed this as: https://dvcs.w3.org/hg/content-security-policy/rev/c1dc770df1a9 Cheers, Brandon
Received on Monday, 11 April 2011 22:23:19 UTC