CSP - matching a URI against a source expression with no scheme

If I understand correctly, matching the URI:
"http://example.com/resource1" against the source expression
"example.com" shall return a positive match?

I would also like to ask for a clarification on point 3.4 of the
matching algorithm (http://www.w3.org/TR/CSP/#matching):
"uri-scheme" is the scheme part of the URI (according to point 3.2),
why should it be compared to the scheme of the URI it was derived
from? Or is "protected resource's URI" different from the URI being

Janusz Majnert

Received on Wednesday, 13 March 2013 09:38:24 UTC