Re: Trigger a DOM event/error when a CSP violation happens.

On 10/26/12 4:12 PM, John J Barton wrote:
> On Fri, Oct 26, 2012 at 3:53 PM, Dan Veditz <dveditz@mozilla.com> wrote:
>> privacy principal that user-agent supplied policies do not report violations
>> to the originating server or page content.
>
> Similarly, extension supplied policies should not report. Otherwise
> web pages can probe the users installed extensions.

I was going for brevity with user-AGENT supplied policies, agnostic to 
whether the UA got the policy directly from the user or (more likely) 
from an extension installed by the user. Sorry if it was unclear.

Received on Friday, 26 October 2012 23:20:24 UTC