W3C home > Mailing lists > Public > public-webappsec@w3.org > August 2012

Re: Advice about unprefixing Content-Security-Policy in WebKit

From: Adam Barth <w3c@adambarth.com>
Date: Tue, 28 Aug 2012 17:38:22 -0700
Message-ID: <CAJE5ia9mGES+BjyUB3PxbLZQdA_dGWhHnKthKGALFfSkNx90dQ@mail.gmail.com>
To: Tom Ritter <tom@ritter.vg>
Cc: public-webappsec@w3.org, Mike West <mkwst@chromium.org>
Versioning is an anti-pattern in the web platform.  Notice that none
of the major web languages (HTML, CSS, JavaScript) use versioning.
There was an extensive discussion about this topic in the HTML working
group in connection with <http://www.w3.org/html/wg/tracker/issues/4>.


On Tue, Aug 28, 2012 at 5:20 PM, Tom Ritter <tom@ritter.vg> wrote:
> I still think the solution to this issue is adding a mandatory v=1.1
> parameter to CSP 1.1.  It will be unambiguous (the lack of it will
> identify 1.0), and it'll allow backwards-incompatible changes to 1.1
> and future revisions.  And it's not terribly long.
> -tom
Received on Wednesday, 29 August 2012 00:39:23 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:28 UTC