webappsec-ISSUE-6 (sandbox): Should the sandbox directive be part of CSP 1.0? from Web Application Security Working Group Issue Tracker on 2011-11-03 (public-webappsec@w3.org from November 2011)

From: Web Application Security Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Thu, 03 Nov 2011 09:00:31 +0000
To: public-webappsec@w3.org
Message-Id: <E1RLt9z-0007kv-8X@lowblow.w3.org>

webappsec-ISSUE-6 (sandbox): Should the sandbox directive be part of CSP 1.0?

http://www.w3.org/2011/webappsec/track/issues/6

Raised by: Adam Barth
On product: 

There was some discussion at TPAC about whether the sandbox directive should be part of CSP 1.0 or CSP 1.1.  Microsoft has implemented the sandbox directive in the latest IE 10 Platform Preview, so it's a candidate for inclusion in 1.0.

Next steps:

1) abarth to draft spec language for sandbox: http://www.w3.org/2011/webappsec/track/actions/24
2) bsterne to estimate difficulty of implementing in Firefox in the 1.0 timeframe

Received on Thursday, 3 November 2011 09:02:37 UTC