[CSP] CSP3: Request for comments on message-src and message-sink

Hi all,

I started working on the CSP3 postMessage and navigation directives
previously brought up in [1]. The following pull request describes the
message-src and message-sink directives, the goals of which are to
restrict to whom and from whom one can receive messages:

https://github.com/w3c/webappsec/pull/161

I would appreciate any comments and thoughts on this.

Cheers,
Deian

https://lists.w3.org/Archives/Public/public-webappsec/2014Dec/0008.html

Received on Friday, 30 January 2015 01:02:37 UTC