- From: Oda, Terri <terri.oda@intel.com>
- Date: Tue, 20 May 2014 14:32:20 -0700
- To: Mike West <mkwst@google.com>
- Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>, Tab Atkins <tabatkins@google.com>
- Message-ID: <CACoC0R9JTD+WAZL1g7a58hLDZFN=qPReDkGghLxdCU0g30oeZg@mail.gmail.com>
Looking great, Mike! While I was flipping through, I noticed a few typos, so I ran the CSP specs through a quick spell check. I'll submit a pull request with those fixes rather than enumerate them here. But there's one that came up that I wasn't sure about. In section 7.14 we have: "The reflected-xss directive instructs a user agent to active or disactivate any heuristics used to filter or block reflected cross-site scripting attacks." Should that be "deactivate" or is "disactivate" jargon that I'm simply not familiar with? On Tue, May 20, 2014 at 5:32 AM, Mike West <mkwst@google.com> wrote: > If you've never looked at the CSP spec's source code, ignore this email. :) > > I've taken a pass through CSP 1.1 in the hopes of getting us to last call > sometime in the foreseeable future. While doing so, I've ported the spec > from an old, old, old version of Respec to the CSSWG's new hotness, > Bikeshed. I think the code is significantly easier to follow, and we're now > much more easily capable of interlinking definitions both internally and in > external specifications. Most importantly, we can swipe the CSSWG's layout. > :) > > Thanks to Tab for putting up with my n00b questions over the last day or > three. > > I've also moved the spec from > http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.htmlto > https://w3c.github.io/webappsec/specs/content-security-policy/ to match > SRI. > > Hopefully you'll enjoy reading the new layout (and I'd encourage you to do > so, and tell me about typos or bugs in the spec!), thanks! > > -- > Mike West <mkwst@google.com> > Google+: https://mkw.st/+, Twitter: @mikewest, Cell: +49 162 10 255 91 > > Google Germany GmbH, Dienerstrasse 12, 80331 München, Germany > Registergericht und -nummer: Hamburg, HRB 86891 > Sitz der Gesellschaft: Hamburg > Geschäftsführer: Graham Law, Christine Elizabeth Flores > (Sorry; I'm legally required to add this exciting detail to emails. Bleh.) >
Received on Tuesday, 20 May 2014 21:32:49 UTC