Re: [referrer] HTTPS->HTTP from Martin Thomson on 2014-10-27 (public-webappsec@w3.org from October 2014)

From: Martin Thomson <martin.thomson@gmail.com>
Date: Mon, 27 Oct 2014 11:20:40 -0700
To: Mark Nottingham <mnot@mnot.net>
Cc: Brad Hill <hillbrad@gmail.com>, Mike West <mkwst@google.com>, Jochen Eisinger <eisinger@google.com>, Brian Smith <brian@briansmith.org>, WebAppSec WG <public-webappsec@w3.org>
Message-ID: <CABkgnnXUC+zbkNgyHprxAtyoRoU5BZOeqFY=Y8+n2HFksKBrWA@mail.gmail.com>

On 27 October 2014 11:04, Mark Nottingham <mnot@mnot.net> wrote:
> I do wonder (like Brian) whether this is really CSP, or something separate; it seems like a lot of things are getting shoved into CSP because that’s the tool at hand…


Yeah, this doesn't seem like it fits, other than being an available
bucket.  But then, new buckets are cheap too.

Received on Monday, 27 October 2014 18:21:09 UTC