Re: [webappsec] Call for Consensus: CSP 1.1 to FPWD

Second.

On Tue, Nov 27, 2012 at 2:01 PM, Hill, Brad <bhill@paypal-inc.com> wrote:
> This is a Call for Consensus among the WebAppSec WG to accept the following
> draft of CSP 1.1 as a First Public Working draft:
>
> https://dvcs.w3.org/hg/content-security-policy/raw-file/48bed86c418d/csp-specification.dev.html
>
> CSP 1.1 extends CSP 1.0 and defines several new elements of policy
> mechanism:
>
> * an HTML <meta> Element
> * Script Interfaces
> * Directory path Source Expressions
> * Media Type lists
>
> As well as a number of new directives:
>
> * form-action
> * script-nonce
> * plugin-types
> * reflected-xss
>
> Please send comments to public-webappsec@w3.org , positive feedback is
> encouraged.
>
> This CfC will end on December 4, 2012.
>
> Thank you,
>
> Brad Hill
>
>

Received on Wednesday, 28 November 2012 00:00:35 UTC