W3C home > Mailing lists > Public > public-webappsec@w3.org > August 2015

Re: CSP Plugin

From: Jim Manico <jim.manico@owasp.org>
Date: Thu, 27 Aug 2015 15:07:59 -0700
Cc: Kepeng Li <kepeng.lkp@alibaba-inc.com>, "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-Id: <1F501F32-5033-42DF-8D67-72AECD625E50@owasp.org>
To: Brad Hill <hillbrad@gmail.com>
> Flash, Java and Silverlight all have special rules about requesting policy files and enabling SOP bypasses based on them...

Can I have "client side technologies that should be fully banned from the browser" for 500, Alex?

--
Jim Manico
Global Board Member
OWASP Foundation
https://www.owasp.org
Join me at AppSecUSA 2015!

> On Aug 27, 2015, at 11:10 AM, Brad Hill <hillbrad@gmail.com> wrote:
> 
> Flash, Java and Silverlight all have special rules about requesting policy files and enabling SOP bypasses based on them, treating
Received on Thursday, 27 August 2015 22:08:30 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:14 UTC