- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Wed, 4 Jun 2014 18:37:25 +0200
- To: Neil Matatall <neilm@twitter.com>
- Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
On Wed, Jun 4, 2014 at 6:29 PM, Neil Matatall <neilm@twitter.com> wrote: > I've already put up a patch to stop applying CSP to this resource. Was > that the right thing to do? Per the HTML Standard a document is to be created if such resources are loaded in a browsing context. CSP should apply to that. -- http://annevankesteren.nl/
Received on Wednesday, 4 June 2014 16:37:53 UTC