- From: Adam Barth <w3c@adambarth.com>
- Date: Tue, 27 Nov 2012 15:59:34 -0800
- To: "Hill, Brad" <bhill@paypal-inc.com>
- Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
Second. On Tue, Nov 27, 2012 at 2:01 PM, Hill, Brad <bhill@paypal-inc.com> wrote: > This is a Call for Consensus among the WebAppSec WG to accept the following > draft of CSP 1.1 as a First Public Working draft: > > https://dvcs.w3.org/hg/content-security-policy/raw-file/48bed86c418d/csp-specification.dev.html > > CSP 1.1 extends CSP 1.0 and defines several new elements of policy > mechanism: > > * an HTML <meta> Element > * Script Interfaces > * Directory path Source Expressions > * Media Type lists > > As well as a number of new directives: > > * form-action > * script-nonce > * plugin-types > * reflected-xss > > Please send comments to public-webappsec@w3.org , positive feedback is > encouraged. > > This CfC will end on December 4, 2012. > > Thank you, > > Brad Hill > >
Received on Wednesday, 28 November 2012 00:00:35 UTC