Re: Advice about unprefixing Content-Security-Policy in WebKit from Tom Ritter on 2012-08-29 (public-webappsec@w3.org from August 2012)

From: Tom Ritter <tom@ritter.vg>
Date: Tue, 28 Aug 2012 20:20:56 -0400
To: Adam Barth <w3c@adambarth.com>
Cc: public-webappsec@w3.org, Mike West <mkwst@chromium.org>
Message-ID: <CA+cU71mtui3Aw2GLHk8A3D3YR_30KrU6w1RE6NAU-NAOTh5Wuw@mail.gmail.com>

I still think the solution to this issue is adding a mandatory v=1.1
parameter to CSP 1.1.  It will be unambiguous (the lack of it will
identify 1.0), and it'll allow backwards-incompatible changes to 1.1
and future revisions.  And it's not terribly long.

-tom

Received on Wednesday, 29 August 2012 00:21:45 UTC