Re: Clarification of CSP sandbox and workers

On Wed, 12 Nov 2014, Mike West wrote:
>
> The CSP spec should just delegate to HTML here. If/when HTML defines 
> sandboxing with regard to Workers, CSP will just start using those 
> hooks.
> 
> I'd agree, for example, that it does appear that sandboxing a worker 
> into a unique origin could be interesting. It's not clear to me whether 
> any of the other flags would be useful, though.
> 
> Ian, WDYT?

Happy to add features if browsers are going to implement them. Just file a 
bug describing what the feature is. :-)

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

Received on Wednesday, 12 November 2014 21:02:49 UTC