W3C home > Mailing lists > Public > public-webappsec@w3.org > November 2014

webappsec-ISSUE-71 (JSONP directives): Consider directives in CSP Level 3 to reduce attack surface of legacy JSONP interaces [CSP Level 3]

From: Web Application Security Working Group Issue Tracker <sysbot+tracker@w3.org>
Date: Tue, 04 Nov 2014 23:16:37 +0000
Message-Id: <E1XlnL3-0007sy-By@stuart.w3.org>
To: public-webappsec@w3.org
webappsec-ISSUE-71 (JSONP directives): Consider directives in CSP Level 3 to reduce attack surface of legacy JSONP interaces [CSP Level 3]

http://www.w3.org/2011/webappsec/track/issues/71

Raised by: Brad Hill
On product: CSP Level 3

Consider several proposals as well as newly chartered work to see if it is possible to achieve reasonable and lightweight attack surface reduction for applications that rely on legacy JSONP constructs.
Received on Tuesday, 4 November 2014 23:16:38 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:07 UTC