W3C home > Mailing lists > Public > public-webappsec@w3.org > May 2014

CSP Spec question

From: Adam Gray <adam@trackif.com>
Date: Tue, 27 May 2014 22:30:10 -0500
Message-Id: <B7576AB0-9427-4C38-AD45-3F44C86A6BF2@trackif.com>
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
Hello all!

Would this be the correct forum to email regarding some spec related questions? Specifically as they pertain to Bookmarklet/extension/plugin related functionality? I see the direction this spec is heading and a few pieces, in regards to the aforementioned tech, concern me. I would like to give my opinion and possibly understand a bit better the potential workarounds against the current (and future) implementations. 

There is a high probability I simply lack the domain level knowledge to understand the direction chosen and a viable solution is in place for user-originating injection scripts. Or not. Hence the email! 

Thanks in advance!

And thank you Mike West for directing me this way. 


Sent from my iPhone
Received on Wednesday, 28 May 2014 08:21:46 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:38 UTC