Re: Include page http response code in CSP reports?

On Tue, Mar 26, 2013 at 10:08 PM, Mike West <> wrote:
> I can't come up with any clever exploits that would be caused by sending the
> response code of the protected resource (perhaps as "document-status" next
> to "document-uri"?), and there's apparently some marginal value to adding
> it. That doesn't mean there aren't any, however...

Fly-by-comment, can we still rename those to "-url"? The whole
platform uses URL, not URI...


Received on Tuesday, 26 March 2013 22:12:07 UTC