W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2014

Re: [HTML imports]: Imports and Content Security Policy

From: Nick Krempel <ndkrempel@google.com>
Date: Fri, 10 Jan 2014 13:51:21 +0000
Message-ID: <CAGu+aDeSbZ+wRsw3YZm8e9VBoeF_HqCn4OD=K3HMvT8pq3Gg1A@mail.gmail.com>
To: Hajime Morrita <morrita@google.com>
Cc: Frederik Braun <fbraun@mozilla.com>, public-webapps <public-webapps@w3.org>, Gabor Krizsanits <gkrizsanits@mozilla.com>
To clarify: your example is supposed to be an attack on imported.com, not
example.com (we can assume the attacker has control over example.com)?

Nick

‚Äč
Received on Friday, 10 January 2014 13:51:50 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:14:21 UTC