- From: arturjanc <notifications@github.com>
- Date: Thu, 05 Mar 2020 06:55:09 -0800
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Thursday, 5 March 2020 14:55:22 UTC
+1 to what @mikewest from an author's point of view. Given that the different mechanisms here control different aspects of the application's behavior (and, at least for the time being, serve different use cases), it seems good for developers to have separate switches to individually test and deploy each mechanism. In the long term, I would like to consolidate the individual features into something easier for developers to understand, similar to how the [Scripting Policy](https://mikewest.github.io/csp-next/scripting-policy.html) concept merges the relevant elements of CSP and Trusted Types. This will also make it easier to move towards enforcing them by default in some classes of applications, potentially leaning on this proposal. But I don't think we get there without the individual primitives -- if we cannot deploy them separately, we certainly won't be able to deploy them as a bundle. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/471#issuecomment-595270663
Received on Thursday, 5 March 2020 14:55:22 UTC