Re: [filter-effects][css-masking] Move security model for resources to CSP from Anne van Kesteren on 2013-04-05 (public-webappsec@w3.org from April 2013)

From: Anne van Kesteren <annevk@annevk.nl>
Date: Fri, 5 Apr 2013 10:56:39 +0100
To: Dirk Schulze <dschulze@adobe.com>
Cc: "public-fx@w3.org" <public-fx@w3.org>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <CADnb78gW8JqOmCiRK4Hb56ZTKw1+QEsD+DS15q=ZdnA3Zag6vg@mail.gmail.com>

On Fri, Apr 5, 2013 at 6:58 AM, Dirk Schulze <dschulze@adobe.com> wrote:
> CSS Masking and Filter Effects describe a security model ... Content Security Policy (CSP) spec.

The drafts are referencing CORS instead, which seems more appropriate
for what is going on. We are protecting the resource that is being
loaded right, not the page itself?


--
http://annevankesteren.nl/

Received on Friday, 5 April 2013 09:57:07 UTC