webappsec-ISSUE-60 (CSP and META): Injecting META tags can be an interesting bypass technique, possibly [CSP 1.2] from Web Application Security Working Group Issue Tracker on 2014-04-23 (public-webappsec@w3.org from April 2014)

From: Web Application Security Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Wed, 23 Apr 2014 15:46:07 +0000
To: public-webappsec@w3.org
Message-Id: <E1WczN9-0002dW-Rj@shauna.w3.org>

webappsec-ISSUE-60 (CSP and META): Injecting META tags can be an interesting bypass technique, possibly [CSP 1.2]

http://www.w3.org/2011/webappsec/track/issues/60

Raised by: Brad Hill
On product: CSP 1.2

How do we deal with injected META tags in CSP?

Received on Wednesday, 23 April 2014 15:46:08 UTC