- From: =JeffH <Jeff.Hodges@KingsMountain.com>
- Date: Thu, 03 Oct 2013 17:43:55 -0700
- To: W3C Web App Security WG <public-webappsec@w3.org>
> This is a request again, for all WG members, to please send your > response to this simple poll before our call on Tuesday: > > 1: We should close the feature set of CSP 1.1? Agree / Disagree agree > > 2. We should include the application of 'unsafe-eval' semantics to the > CSSOM in the core CSP 1.1 feature set? Agree / Disagree no opinion > > 3. We should include the suborigin sandboxing proposal in the core CSP > 1.1 feature set? Agree / Disagree Disagree. belongs in own spec like UISecurity > > 4. We should include the "Session Origin Security" policy in the core > CSP 1.1 feature set? Agree / Disagree Disagree > > 5. We should include the "cookie-scope" policy in the core CSP 1.1 > feature set? Agree / Disagree no opinion > > 6. We should make changes to core CSP 1.1 behavior (including possibly > specifying a new directive about user script) as requested by Bug 23357? > Agree / Disagree Disagree =JeffH
Received on Friday, 4 October 2013 00:44:20 UTC