W3C home > Mailing lists > Public > public-webappsec@w3.org > April 2015

Re: [CSP2] Number of CSP Header Fields

From: Anne van Kesteren <annevk@annevk.nl>
Date: Fri, 3 Apr 2015 11:19:02 +0200
Message-ID: <CADnb78gSPuRRtx+SOsxyDRoOJdt-ymWDu78u2dO1gh59k-EbGg@mail.gmail.com>
To: Mike West <mkwst@google.com>
Cc: Stefan Ossendorf <stefan.ossendorf@outlook.de>, "public-webappsec@w3.org" <public-webappsec@w3.org>
On Fri, Apr 3, 2015 at 11:09 AM, Mike West <mkwst@google.com> wrote:
> 2. A single `Content-Security-Policy` header can contain multiple policies,
> separated by commas.

Hmm. Semantically

  X: 1
  X: 2

is equivalent to

  X: 1, 2

if X's value is defined as

  X = #DIGIT

See final two paragraphs of https://tools.ietf.org/html/rfc7230#section-3.2.2


-- 
https://annevankesteren.nl/
Received on Friday, 3 April 2015 09:19:25 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:11 UTC