W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2014

webappsec-ISSUE-60 (CSP and META): Injecting META tags can be an interesting bypass technique, possibly [CSP 1.2]

From: Web Application Security Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Wed, 23 Apr 2014 15:46:07 +0000
Message-Id: <E1WczN9-0002dW-Rj@shauna.w3.org>
To: public-webappsec@w3.org
webappsec-ISSUE-60 (CSP and META): Injecting META tags can be an interesting bypass technique, possibly [CSP 1.2]

http://www.w3.org/2011/webappsec/track/issues/60

Raised by: Brad Hill
On product: CSP 1.2

How do we deal with injected META tags in CSP?
Received on Wednesday, 23 April 2014 15:46:08 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:05 UTC