W3C home > Mailing lists > Public > public-webappsec@w3.org > August 2013

Re: Proposed CSRF countermeasure

From: Michael Shema <mshema@qualys.com>
Date: Mon, 19 Aug 2013 11:19:38 -0700
Message-ID: <CA+ri+V4eZFm+cz3z0pp3vjsh_CWmaBYyyTKBjApJMY+dieHdug@mail.gmail.com>
To: Alex Russell <slightlyoff@google.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
On Sun, Aug 18, 2013 at 1:34 PM, Alex Russell <slightlyoff@google.com>wrote:

> Why not enable this for sub sections of same origins as well? That'd make
> it an ideal companion to the Navigation Controller for providing more
> granular control.
>
I hadn't thought of applying this for more granularity within the origin.
I've made a note to look into this as well.

Thanks for the comment.
-Mike
Received on Monday, 19 August 2013 18:20:09 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:02 UTC