W3C home > Mailing lists > Public > public-webappsec@w3.org > August 2013

Re: [webappsec] CSP: are blob uri's really just origin='self'?

From: Ian Melven <ian.melven@gmail.com>
Date: Fri, 30 Aug 2013 15:06:20 -0700
Message-ID: <CA+0m=FcfEn76C0_DCsvste-PZi9bidXQM2sg2ii_dSi6yFEN0Q@mail.gmail.com>
To: Brad Hill <hillbrad@gmail.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
also I just noticed the 'blob URIs must only be valid within this origin'
part of what i pasted so i'm now confused about why cross-origin blobs
exist at all :)

Received on Friday, 30 August 2013 22:06:47 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:34 UTC