- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Wed, 17 Oct 2012 18:05:11 -0400
- To: Fred Andrews <fredandw@live.com>
- CC: "public-webappsec@w3.org" <public-webappsec@w3.org>
On 10/17/12 5:44 PM, Fred Andrews wrote: > If the server can't rely on this then why does CSP require the UA to > send a report when requested? An excellent question, to which I do not know the answer, since I wasn't involved in writing that part of the spec. But presumably the idea is to make it more likely that the server will get the report, in common situations. -Boris
Received on Wednesday, 17 October 2012 22:05:40 UTC