W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2012

Re: CSP HTTP header description

From: Adam Barth <w3c@adambarth.com>
Date: Sun, 1 Apr 2012 16:32:02 -0700
Message-ID: <CAJE5ia8sj6UCEg4LAQ_pGuke65E4KKyyqC7mPu8+2Uxz5Dn+Rg@mail.gmail.com>
To: Thomas Roessler <tlr@w3.org>
Cc: public-webappsec@w3.org
On Tue, Mar 27, 2012 at 1:02 AM, Adam Barth <w3c@adambarth.com> wrote:
> On Tue, Mar 27, 2012 at 12:59 AM, Thomas Roessler <tlr@w3.org> wrote:
>> based on discussion at the IETF meeting, there won't be a separate IETF document to specify the CSP HTTP header.
>> It would be great if we could extend the header description in CSP to have the information suggested here:
>>        http://tools.ietf.org/html/draft-ietf-httpbis-p2-semantics-19#section-3.1
>> Reviewing this shouldn't be too much effort.
>> We can then ask for review from the IETF websec and http WGs, both of whom will be happy to provide that review.
> Ok.  I'll take a swing at it.

Here's a first draft:


Let me know if anything needs to change.

Received on Sunday, 1 April 2012 23:33:05 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:53:58 UTC