- From: Adam Barth <w3c@adambarth.com>
- Date: Sun, 1 Apr 2012 16:32:02 -0700
- To: Thomas Roessler <tlr@w3.org>
- Cc: public-webappsec@w3.org
On Tue, Mar 27, 2012 at 1:02 AM, Adam Barth <w3c@adambarth.com> wrote: > On Tue, Mar 27, 2012 at 12:59 AM, Thomas Roessler <tlr@w3.org> wrote: >> based on discussion at the IETF meeting, there won't be a separate IETF document to specify the CSP HTTP header. >> >> It would be great if we could extend the header description in CSP to have the information suggested here: >> http://tools.ietf.org/html/draft-ietf-httpbis-p2-semantics-19#section-3.1 >> >> Reviewing this shouldn't be too much effort. >> >> We can then ask for review from the IETF websec and http WGs, both of whom will be happy to provide that review. > > Ok. I'll take a swing at it. Here's a first draft: http://dvcs.w3.org/hg/content-security-policy/rev/91163bbd2daf Let me know if anything needs to change. Thanks! Adam
Received on Sunday, 1 April 2012 23:33:05 UTC