RE: webappsec-ISSUE-45 ('top-only'): Is 'top-only' worth preserving? [UI Security]

> -----Original Message-----
> From: [] On
> Behalf Of Anne van Kesteren
> If CSP supplants XFO it should document XFO and their mutual interaction (and
> not just as a consideration, but just give the rules implementations should
> follow).

[Hill, Brad] That's covered in 

but I would certainly appreciate comments to make the behavior more explicit if you feel such is necessary.


Received on Tuesday, 12 March 2013 14:03:45 UTC