Re: Should CSP affect a Notification icon?

On 11/9/2014 4:40 PM, Jim Manico wrote:
> This is a bit tangential, but for future versions of the standard, I'd
> love to be able to limit where simple links are allowed to go. For
> example, perhaps I want to limit a site from only being allow to link to
> my domain or subdomain. I'm just thinking, what else can we limit in the
> browser to lower the attack surface?

We are considering adding controls inspired by David Ross's "Entry Point
Regulation" idea. Is that along the lines of what you were thinking?
http://randomdross.blogspot.com/2014/08/entry-point-regulation-for-web-apps.html

-Dan Veditz

Received on Monday, 10 November 2014 06:17:54 UTC