W3C home > Mailing lists > Public > public-webappsec@w3.org > October 2013

Actual Poll vote (was: Reminder: please send your preferences (was: POLL: Getting CSP 1.1 to LCWD))

From: =JeffH <Jeff.Hodges@KingsMountain.com>
Date: Thu, 03 Oct 2013 17:43:55 -0700
Message-ID: <524E0F4B.9050704@KingsMountain.com>
To: W3C Web App Security WG <public-webappsec@w3.org>
> This is a request again, for all WG members, to please send your
> response to this simple poll before our call on Tuesday:
>
> 1: We should close the feature set of CSP 1.1?  Agree / Disagree

agree

>
> 2. We should include the application of 'unsafe-eval' semantics to the
> CSSOM in the core CSP 1.1 feature set? Agree / Disagree

no opinion

>
> 3. We should include the suborigin sandboxing proposal in the core CSP
> 1.1 feature set? Agree / Disagree

Disagree. belongs in own spec like UISecurity

>
> 4. We should include the "Session Origin Security" policy in the core
> CSP 1.1 feature set?  Agree / Disagree


Disagree

>
> 5. We should include the "cookie-scope" policy in the core CSP 1.1
> feature set?  Agree / Disagree

no opinion

>
> 6. We should make changes to core CSP 1.1 behavior (including possibly
> specifying a new directive about user script) as requested by Bug 23357?
>  Agree / Disagree

Disagree

=JeffH
Received on Friday, 4 October 2013 00:44:20 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:03 UTC