- From: Ian Hickson <ian@hixie.ch>
- Date: Wed, 12 Nov 2014 21:02:25 +0000 (UTC)
- To: Mike West <mkwst@google.com>
- cc: Anne van Kesteren <annevk@annevk.nl>, Deian Stefan <deian@cs.stanford.edu>, WebApps WG <public-webapps@w3.org>, WebAppSec WG <public-webappsec@w3.org>
On Wed, 12 Nov 2014, Mike West wrote: > > The CSP spec should just delegate to HTML here. If/when HTML defines > sandboxing with regard to Workers, CSP will just start using those > hooks. > > I'd agree, for example, that it does appear that sandboxing a worker > into a unique origin could be interesting. It's not clear to me whether > any of the other flags would be useful, though. > > Ian, WDYT? Happy to add features if browsers are going to implement them. Just file a bug describing what the feature is. :-) -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Wednesday, 12 November 2014 21:02:51 UTC