Re: CSP HTTP header description

On Tue, Mar 27, 2012 at 1:02 AM, Adam Barth <w3c@adambarth.com> wrote:
> On Tue, Mar 27, 2012 at 12:59 AM, Thomas Roessler <tlr@w3.org> wrote:
>> based on discussion at the IETF meeting, there won't be a separate IETF document to specify the CSP HTTP header.
>>
>> It would be great if we could extend the header description in CSP to have the information suggested here:
>>        http://tools.ietf.org/html/draft-ietf-httpbis-p2-semantics-19#section-3.1
>>
>> Reviewing this shouldn't be too much effort.
>>
>> We can then ask for review from the IETF websec and http WGs, both of whom will be happy to provide that review.
>
> Ok.  I'll take a swing at it.

Here's a first draft:

http://dvcs.w3.org/hg/content-security-policy/rev/91163bbd2daf

Let me know if anything needs to change.

Thanks!
Adam

Received on Sunday, 1 April 2012 23:33:05 UTC