W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2015

CSP Versions in Violation Reports

From: Boris Chen <boris@tcell.io>
Date: Sun, 18 Jan 2015 21:44:31 -0800
Message-ID: <CACTPcOUxyCEwOjo+Ox0mxgiLJ75mwTKR3o5taiXbsW9M+eLTsw@mail.gmail.com>
To: public-webappsec@w3.org

I've been playing around with CSP reporting, and I was wondering if there
has been any discussion of including CSP version in the reports.

User-agents will obviously be supporting different versions of CSP for a
given web application, and therefore, the reports will vary depending on
the user-agents. The version info would help reporting on the violation
reports more accurate. This won't help for current versions supported, but
would be helpful for the future.

Any thoughts?

Boris Chen
Received on Monday, 19 January 2015 07:09:49 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 18:54:44 UTC