W3C home > Mailing lists > Public > public-webappsec@w3.org > May 2013

broadening default-src semantics

From: Yehuda Katz <wycats@gmail.com>
Date: Fri, 31 May 2013 22:28:55 +0100
Message-ID: <CAMFeDTVBe83Q_oeT9Nj64poVDA4sKe3yoE7Dyt6t=hPB82O5hQ@mail.gmail.com>
To: public-webappsec@w3.org
This is a reminder to Adam about a conversation we had.

At present, default-src expands into a list of more granular directives. It
would be better if it was spec'ed as covering all network requests, period.

Yehuda Katz
(ph) 718.877.1325
Received on Friday, 31 May 2013 21:29:42 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:01 UTC