Re: Every example fails

That sounds like a problem. :)

What browsers do you see this in? Would you mind filing a bug at
https://github.com/w3c/webappsec/issues/new?title=CSP: and I'll figure out
whether the spec's wrong or the browsers are wrong (and then fix the spec
either way, since browsers are shipping, and it's just a document... :) ).

-mike

--
Mike West <mkwst@google.com>, @mikewest

Google Germany GmbH, Dienerstrasse 12, 80331 München,
Germany, Registergericht und -nummer: Hamburg, HRB 86891, Sitz der
Gesellschaft: Hamburg, Geschäftsführer: Graham Law, Christine Elizabeth
Flores
(Sorry; I'm legally required to add this exciting detail to emails. Bleh.)

On Wed, Jun 10, 2015 at 11:23 AM, Andrea Giammarchi <
andrea.giammarchi@gmail.com> wrote:

> This page used to work:
> http://webreflection.github.io/DOMContentLoaded/example.html
>
> now it fails.
>
> The example using sha512 in here also fails:
> http://www.w3.org/TR/CSP/#script-src-hash-usage
>
> if you use the sha256 version of the alert it fails too.
>
> Have inline behavior changed and the documentation needs some update or
> it's just my array of browsers that suddenly won't work anymore with CSP
> scripts?
>
> Thank you in advance for any sort of clarification.
>

Received on Friday, 12 June 2015 14:08:49 UTC