W3C home > Mailing lists > Public > public-webappsec@w3.org > August 2015

Re: CSP Plugin

From: Jim Manico <jim.manico@owasp.org>
Date: Thu, 27 Aug 2015 15:07:59 -0700
Cc: Kepeng Li <kepeng.lkp@alibaba-inc.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-Id: <1F501F32-5033-42DF-8D67-72AECD625E50@owasp.org>
To: Brad Hill <hillbrad@gmail.com>
> Flash, Java and Silverlight all have special rules about requesting policy files and enabling SOP bypasses based on them...

Can I have "client side technologies that should be fully banned from the browser" for 500, Alex?

--
Jim Manico
Global Board Member
OWASP Foundation
https://www.owasp.org
Join me at AppSecUSA 2015!

> On Aug 27, 2015, at 11:10 AM, Brad Hill <hillbrad@gmail.com> wrote:
> 
> Flash, Java and Silverlight all have special rules about requesting policy files and enabling SOP bypasses based on them, treating

Received on Thursday, 27 August 2015 22:08:30 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:50 UTC