- From: David Bruant <bruant.d@gmail.com>
- Date: Fri, 31 Jan 2014 00:22:42 +0100
- To: Anne van Kesteren <annevk@annevk.nl>
- CC: "public-webappsec@w3.org" <public-webappsec@w3.org>
Le 31/01/2014 00:18, Anne van Kesteren a écrit : > On Thu, Jan 30, 2014 at 3:13 PM, David Bruant <bruant.d@gmail.com> wrote: >> That's the semantics that Facebook needs, but is not what I read from the >> CSP 1.1 draft I've found: > I understand. I wonder what the use case is for only sending origin (+ > "/") same-origin. You mean the use case for the current semantics as spec'ed? Good question. Maybe it's just an omission and the intended semantics is the one you described. David
Received on Thursday, 30 January 2014 23:23:12 UTC