W3C home > Mailing lists > Public > public-webappsec@w3.org > June 2013

[Bug 22256] New: Add a note regarding first line of defense.

From: <bugzilla@jessica.w3.org>
Date: Tue, 04 Jun 2013 02:20:45 +0000
To: public-webappsec@w3.org
Message-ID: <bug-22256-4874@http.www.w3.org/Bugs/Public/>
https://www.w3.org/Bugs/Public/show_bug.cgi?id=22256

            Bug ID: 22256
           Summary: Add a note regarding first line of defense.
    Classification: Unclassified
           Product: WebAppsSec
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: CSP
          Assignee: w3c@adambarth.com
          Reporter: glenn@skynav.com
        QA Contact: dave.null@w3.org
                CC: mike@w3.org, public-webappsec@w3.org

The introduction contains the following:

"Content Security Policy (CSP) is not intended as a first line of defense
against content injection vulnerabilities."

For those readers not familiar with the details of secure programming, it would
be useful to add a Note referring to some work(s) that address the "first
line[s] of defense".

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Received on Tuesday, 4 June 2013 02:20:50 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:02 UTC