- From: Mike West <mkwst@google.com>
- Date: Mon, 18 Aug 2014 09:18:48 +0200
- To: Anne van Kesteren <annevk@annevk.nl>
- Cc: WebAppSec WG <public-webappsec@w3.org>
Received on Monday, 18 August 2014 07:19:37 UTC
Given that referrer policy is a FPWD, I wasn't sure whether it was stable enough to refer to in CSP. I agree that that's the right thing to do, however: https://github.com/w3c/webappsec/commit/d5483ae3cb199798cdd44d5c85c2482e7f992501 If we decide that such delegation is premature, we can always revert that patch. -mike -- Mike West <mkwst@google.com> Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91 Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg Geschäftsführer: Graham Law, Christine Elizabeth Flores (Sorry; I'm legally required to add this exciting detail to emails. Bleh.) On Sat, Aug 16, 2014 at 8:16 AM, Anne van Kesteren <annevk@annevk.nl> wrote: > It seems that Referrer Policy needs to define the CSP bits itself if > it wants to replace that part of the CSP specification, no? Or at > least CSP needs to acknowledge that it only controls the syntax and > point back somehow. > > > -- > http://annevankesteren.nl/ > >
Received on Monday, 18 August 2014 07:19:37 UTC