[webappsec] Call for Consensus: CSP 1.1 to FPWD

This is a Call for Consensus among the WebAppSec WG to accept the following draft of CSP 1.1 as a First Public Working draft:

https://dvcs.w3.org/hg/content-security-policy/raw-file/48bed86c418d/csp-specification.dev.html

CSP 1.1 extends CSP 1.0 and defines several new elements of policy mechanism:

* an HTML <meta> Element
* Script Interfaces
* Directory path Source Expressions
* Media Type lists

As well as a number of new directives:

* form-action
* script-nonce
* plugin-types
* reflected-xss

Please send comments to public-webappsec@w3.org<mailto:public-webappsec@w3.org> , positive feedback is encouraged.

This CfC will end on December 4, 2012.

Thank you,

Brad Hill

Received on Tuesday, 27 November 2012 22:01:51 UTC