On 5/14/2013 12:08 PM, Anne van Kesteren wrote: > I think it makes more sense to treat opening a worker as creating an > iframe. That works better for the navigation controller scenario as > well (the (shared) worker is governed by the controller that governs > its URL, rather than the document that created it). If not from the document which created it how do you define the CSP for a worker, from a CSP header when it's loaded? In all other cases we're ignoring CSP headers on script files. -Dan Veditz
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:33 UTC