- From: Adam Barth <w3c@adambarth.com>
- Date: Thu, 14 Apr 2011 17:49:55 -0700
- To: public-web-security@w3.org
The spec says: [[ In the following example a page located at http://example.org/page.html was requested and returned with its response a policy of default-src 'self'; policy-uri http://example.org/csp-report.cgi. The policy was violated by an image element from evil.example.com which had been embedded in the page. ]] Presumably we mean report-uri. Adam
Received on Friday, 15 April 2011 00:50:53 UTC