W3C home > Mailing lists > Public > public-webappsec@w3.org > October 2014

Re: Frame Ancestors and Referrer (Re: [webappsec] Call for Consensus: Stop work on Content Security Policy 1.0, transition to WG Note)

From: Frederik Braun <fbraun@mozilla.com>
Date: Mon, 27 Oct 2014 12:01:10 +0100
Message-ID: <544E25F6.9040402@mozilla.com>
To: public-webappsec@w3.org 
On 25.10.2014 02:37, Sean Snider wrote:
> Anyway. . . In my very humble opinion. . . 
> 
> I really cannot see a "valid" use-case for "none", and I think it potentially breaks things or creates nasty situations.
> 

I disagree. There are numerous cases for secrets in the link (aka
capability URLs) that may want to get a greater deal of leak protection.
Received on Monday, 27 October 2014 11:01:39 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:41 UTC