Re: CSP HTTP header description

On Tue, Mar 27, 2012 at 1:02 AM, Adam Barth <> wrote:
> On Tue, Mar 27, 2012 at 12:59 AM, Thomas Roessler <> wrote:
>> based on discussion at the IETF meeting, there won't be a separate IETF document to specify the CSP HTTP header.
>> It would be great if we could extend the header description in CSP to have the information suggested here:
>> Reviewing this shouldn't be too much effort.
>> We can then ask for review from the IETF websec and http WGs, both of whom will be happy to provide that review.
> Ok.  I'll take a swing at it.

Here's a first draft:

Let me know if anything needs to change.


Received on Sunday, 1 April 2012 23:33:05 UTC