- From: Dirk Schulze <dschulze@adobe.com>
- Date: Thu, 20 Jun 2013 10:28:48 -0700
- To: Boris Zbarsky <bzbarsky@MIT.EDU>
- CC: Anne van Kesteren <annevk@annevk.nl>, Gordon Hemsley <me@gphemsley.org>, Adam Barth <w3c@adambarth.com>, WebAppSec WG <public-webappsec@w3.org>
Hi Anne, Can you elaborate more about the goal of this table? Is it a general overview as a help to create one spec "to rule them all", or hints/roadmaps for each different responsible specs? That would make it easier to contribute and review. Greetings, Dirk On Jun 20, 2013, at 7:17 AM, Boris Zbarsky <bzbarsky@MIT.EDU> wrote: > On 6/20/13 3:27 AM, Anne van Kesteren wrote: >> It seems XMLHttpRequest is connect-src. > > OK. > >> Workers are covered by script-src. > > Is that actually specified somewhere? > >> HTML component imports are covered by script-src (for >> now). > > Likewise. > > -Boris >
Received on Thursday, 20 June 2013 17:29:23 UTC