- From: L. David Baron <notifications@github.com>
- Date: Wed, 04 Mar 2020 17:45:23 -0800
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 5 March 2020 01:45:36 UTC
@sangwhan and I are looking at this in a breakout. One comment is that after reading the explainer and parts of the spec, it's not clear to me why `require-trusted-types-for 'script'` is named what it is. It seems like an odd name to me for a directive that's about requiring something for `javascript` URLs. Though the [Adopting Trusted Types](https://github.com/w3c/webappsec-trusted-types/blob/master/explainer.md#adopting-trusted-types) section seems to imply that it's about something much broader than just the handling of `javascript` URLs. Beyond that, I don't have anything to say immediately, but it really took me half an hour to load this whole thing into my head again, and I'd probably need another read-through to come up with more interesting thoughts on it. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/198#issuecomment-594983813
Received on Thursday, 5 March 2020 01:45:36 UTC