CSP Versions in Violation Reports from Boris Chen on 2015-01-19 (public-webappsec@w3.org from January 2015)

From: Boris Chen <boris@tcell.io>
Date: Sun, 18 Jan 2015 21:44:31 -0800
To: public-webappsec@w3.org
Message-ID: <CACTPcOUxyCEwOjo+Ox0mxgiLJ75mwTKR3o5taiXbsW9M+eLTsw@mail.gmail.com>

Hello,

I've been playing around with CSP reporting, and I was wondering if there
has been any discussion of including CSP version in the reports.

User-agents will obviously be supporting different versions of CSP for a
given web application, and therefore, the reports will vary depending on
the user-agents. The version info would help reporting on the violation
reports more accurate. This won't help for current versions supported, but
would be helpful for the future.

Any thoughts?

Regards,
Boris Chen

Received on Monday, 19 January 2015 07:09:49 UTC