ISSUE-35: Should we add an "httpOnly" like directive to CSP to indicate that the state of this policy is not available to the script APIs?

• From: Web Application Security Working Group Issue Tracker <sysbot+tracker@w3.org>
• Date: Fri, 02 Nov 2012 09:08:47 +0000
• To: public-webappsec@w3.org
• Message-Id: <E1TUDF9-0008Cs-7g@nelson.w3.org>

ISSUE-35: Should we add an "httpOnly" like directive to CSP to indicate that the state of this policy is not available to the script APIs?

http://www.w3.org/2011/webappsec/track/issues/35

Raised by: 
On product: 

Received on Friday, 2 November 2012 09:08:51 UTC