ACTION-115: Proposal for handling srcdoc from Adam Barth on 2013-04-30 (public-webappsec@w3.org from April 2013)

From: Adam Barth <w3c@adambarth.com>
Date: Mon, 29 Apr 2013 22:29:06 -0700
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <CAJE5ia9HvYb2230hizFxcOzVND9gZ7Q2DMe6HxJgg8zg+EY1tg@mail.gmail.com>

ACTION-115 asks me to make a proposal for handling the interaction
between CSP and srcdoc.  I've made a first pass at speccing the
interaction in this change:

https://dvcs.w3.org/hg/content-security-policy/rev/edce1a90a0c4

Please let me know if you have any comments.

ACTION-115 also asks me to make a proposal for handling the
interaction between CSP and blob URLs.  I don't believe we need to
change anything about the spec to handle this interaction.  Please let
me know if you think there's something we need to add to handle this
interaction.

Adam

Received on Tuesday, 30 April 2013 05:30:06 UTC