- From: Eduardo' Vela <evn@google.com>
- Date: Wed, 24 Oct 2012 23:22:00 -0700
- To: "public-web-security@w3.org" <public-web-security@w3.org>
Received on Thursday, 25 October 2012 06:22:47 UTC
We've noticed that Extensions and Addons are responsible for CSP reports, and it's hard for us to debug that. It would be nice if there was a flag in the report that specifies if the violation was initiated by an extension or an addon. I understand there are challenges on doing this (eg, an extension can inject a script which later generates a report). Being able to differentiate this problems would assist us to more quickly and efficiently reproduce and triage bugs. This goes hand in hand with the other request (generating a DOM event/error on CSP violations).
Received on Thursday, 25 October 2012 06:22:47 UTC