webappsec-ISSUE-70 (Using ni:/// as CSP source): Investigate using ni:/// as a CSP source expression [CSP Next] from Web Application Security Working Group Issue Tracker on 2014-11-04 (public-webappsec@w3.org from November 2014)

From: Web Application Security Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Tue, 04 Nov 2014 22:46:37 +0000
To: public-webappsec@w3.org
Message-Id: <E1Xlms1-0007aR-J4@stuart.w3.org>

webappsec-ISSUE-70 (Using ni:/// as CSP source): Investigate using ni:/// as a CSP source expression [CSP Next]

http://www.w3.org/2011/webappsec/track/issues/70

Raised by: Brad Hill
On product: CSP Next

For both use of subresource integrity to whitelist e.g. CDN content that may be assumed to be potentially untrustworthy and to allow more granular listing of particular data: or blob: resources, investigate the possibility of expanding the CSP source productions and processing rules to include ni:/// uris.

Received on Tuesday, 4 November 2014 22:46:38 UTC