W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2014

Re: referrer directive expressiveness

From: Anne van Kesteren <annevk@annevk.nl>
Date: Thu, 30 Jan 2014 15:18:33 -0800
Message-ID: <CADnb78jvRn_p0g+mbRGOWfRN3-t6zQCLcLnaKj_9UppAhPtH+g@mail.gmail.com>
To: David Bruant <bruant.d@gmail.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
On Thu, Jan 30, 2014 at 3:13 PM, David Bruant <bruant.d@gmail.com> wrote:
> That's the semantics that Facebook needs, but is not what I read from the
> CSP 1.1 draft I've found:

I understand. I wonder what the use case is for only sending origin (+
"/") same-origin.


> Did you mean "always"?

Yeah.


-- 
http://annevankesteren.nl/
Received on Thursday, 30 January 2014 23:19:01 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:04 UTC