W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2013

ACTION-115: Proposal for handling srcdoc

From: Adam Barth <w3c@adambarth.com>
Date: Mon, 29 Apr 2013 22:29:06 -0700
Message-ID: <CAJE5ia9HvYb2230hizFxcOzVND9gZ7Q2DMe6HxJgg8zg+EY1tg@mail.gmail.com>
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
ACTION-115 asks me to make a proposal for handling the interaction
between CSP and srcdoc.  I've made a first pass at speccing the
interaction in this change:

https://dvcs.w3.org/hg/content-security-policy/rev/edce1a90a0c4

Please let me know if you have any comments.

ACTION-115 also asks me to make a proposal for handling the
interaction between CSP and blob URLs.  I don't believe we need to
change anything about the spec to handle this interaction.  Please let
me know if you think there's something we need to add to handle this
interaction.

Adam
Received on Tuesday, 30 April 2013 05:30:06 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:01 UTC