- From: Anne van Kesteren <annevk@annevk.nl>
- Date: Mon, 20 Oct 2014 17:09:09 +0200
- To: Mike West <mkwst@google.com>
- Cc: Brad Hill <hillbrad@gmail.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>, Brian Smith <brian@briansmith.org>
On Mon, Oct 20, 2014 at 5:02 PM, Mike West <mkwst@google.com> wrote: > Point taken regarding hooks from Fetch. It's not clear to me what the best > way to manage that sort of thing is; do you already have ideas about how > you'd like such a hook to look? Something similar to what we have now. I pass you some objects, you return a boolean. (HSTS and REFERRER are harder of course. At least as long as we attempt to keep the hook from having side effects, which seems like a good thing.) (If you like to write small documents with lots of boilerplate over a single document with multiple chapters, up to you I guess. I'd rather review a single document on security-related policies. The alternative is finding the right links and hope I got them all and that they're all the latest, and is annoying at times.) -- https://annevankesteren.nl/
Received on Monday, 20 October 2014 15:09:36 UTC