- From: Brandon Sterne <bsterne@mozilla.com>
- Date: Mon, 28 Mar 2011 13:24:29 -0700
- To: Adam Barth <w3c@adambarth.com>
- CC: public-web-security@w3.org
On 03/27/2011 04:48 PM, Adam Barth wrote: > IMHO, we should phrase the resource-loading requirements for CSP in > terms of HTML5's "fetch" apparatus: > > http://www.whatwg.org/specs/web-apps/current-work/#fetching-resources > > For example, that's how CORS specifies how to handle cross-origin > XMLHttpRequests: > > http://www.w3.org/TR/access-control/ This is a good suggestion. I've created a TODO item in my personal issue tracker and should be able to address this in the next week or so. Thanks, Brandon > Adam >
Received on Monday, 28 March 2011 20:22:25 UTC