- From: Brandon Sterne <bsterne@mozilla.com>
- Date: Thu, 17 Mar 2011 13:57:52 -0700
- To: Adam Barth <w3c@adambarth.com>
- CC: public-web-security@w3.org
On 03/17/2011 11:47 AM, Adam Barth wrote: > 2) The spec dosen't define error handling. For example, how should > the following parse: > > Content-Security-Policy: default-src 'self'; helloXgoodbye > > where X is %x07, for example? Also, what about > > Content-Security-Policy: default-src 'self'; ; We already specify that unrecognized directives should be ignored. Should we simply also specify that invalid directives (per the grammar) should be ignored? -Brandon
Received on Thursday, 17 March 2011 20:56:18 UTC