Hi, recently Jonas Sicking raised the idea of having a CSP directive that would block usage of innerHTML the primary motivation for doing this seems to be additional defence in depth on top of CSP already restricting script and style injections i'm curious what others think of this idea and looking for feedback :) thanks, ianReceived on Tuesday, 30 April 2013 18:08:14 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:32 UTC