- From: Fred Andrews <fredandw@live.com>
- Date: Tue, 16 Oct 2012 22:36:45 +0000
- To: "public-webappsec@w3.org" <public-webappsec@w3.org>
Received on Tuesday, 16 October 2012 22:37:12 UTC
It would be appreciated if the WG could clarify if a browser conforming to CSP 1.0 is permitted to implement reporting as opt-in? It was my understanding based on the decision of issue 11 and prior discussion on this list that CSP 1.0 required a UA to submit a report when requested by the server and thus that a server could depend on this. However a recent response suggests this may not be the consensus. cheers Fred
Received on Tuesday, 16 October 2012 22:37:12 UTC