- From: Deian Stefan <deian@cs.stanford.edu>
- Date: Tue, 01 Dec 2015 14:12:29 -0800
- To: Mike West <mkwst@google.com>, "public-webappsec\@w3.org" <public-webappsec@w3.org>
- Cc: Mark Nottingham <mnot@mnot.net>, Brad Hill <hillbrad@gmail.com>, Wendy Seltzer <wseltzer@w3.org>, Dan Veditz <dveditz@mozilla.com>
Mike West <mkwst@google.com> writes: > I think this draft is a reasonable stab at a FPWD, and though it will > certainly require some iteration, it's something that I think should be > pretty straightforward to implement. This CfC will end in a week, on > December 7th. Feedback, positive and otherwise, would be exceptionally > well-received at public-webappsec@w3.org. +1 Minor bikeshedding: I'm not a huge fan of using 'http' as a directive. Maybe 'http-header' or 'header-only'. The path directive seems useful as well, but I suspect that the processing model may get a bit complicated. I think we can have a more general scoping mechanism that can subsume this and also make it useful for Suborigins and COWL. Deian
Received on Tuesday, 1 December 2015 22:13:13 UTC