W3C home > Mailing lists > Public > public-webappsec@w3.org > February 2013

Re: Why no fragment part in CSP-report document-uri?

From: John Wilander <john.wilander@owasp.org>
Date: Wed, 13 Feb 2013 11:26:49 +0100
Message-ID: <CALrECXC4=wSSwePaGdUnWH2zFe5MeYfP5uxu8UTOB6M3Cj+v_A@mail.gmail.com>
To: public-webappsec <public-webappsec@w3.org>
2013/2/13 John Wilander <john.wilander@owasp.org>

> document-uriThe address<http://www.w3.org/TR/html5/dom.html#the-document%27s-address>of the protected resource, with any
> <fragment> <http://www.w3.org/TR/html5/urls.html#url-fragment> component
> removed.

Sorry, I meant the ...
*blocked-uri*URI of the resource that was prevented from loading due to the
policy violation, *with any
*, or the empty string if the resource has no URI (inline script and inline
style, for example).



John Wilander, https://twitter.com/johnwilander
Chapter co-leader OWASP Sweden, http://owaspsweden.blogspot.com
Conf Comm, http://www.owasp.org/index.php/Global_Conferences_Committee
My music http://www.johnwilander.com & my résumé http://johnwilander.se
Received on Wednesday, 13 February 2013 10:27:16 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:31 UTC