On 5/14/2013 12:08 PM, Anne van Kesteren wrote: > I think it makes more sense to treat opening a worker as creating an > iframe. That works better for the navigation controller scenario as > well (the (shared) worker is governed by the controller that governs > its URL, rather than the document that created it). If not from the document which created it how do you define the CSP for a worker, from a CSP header when it's loaded? In all other cases we're ignoring CSP headers on script files. -Dan Veditz
This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:01 UTC