W3C home > Mailing lists > Public > public-webappsec@w3.org > February 2016

FYI: RFC7762 established a registry of CSP directives

From: Mike West <mkwst@google.com>
Date: Fri, 12 Feb 2016 13:07:55 +0100
Message-ID: <CAKXHy=f7rFBEmanTbmwu-hPmpew_BLtFa5fZa9pHk5NJUvLyXw@mail.gmail.com>
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
Cc: Mark Nottingham <mnot@mnot.net>, Brad Hill <hillbrad@gmail.com>, Dan Veditz <dveditz@mozilla.com>
Hello, folks!

We're moving towards a more modular future for CSP; as opposed to putting
everything into one monolithic doc that advances as a block, we're
splitting things up into various docs that can advance at their own rate.

Thanks to mnot@ and others, https://tools.ietf.org/html/rfc7762 formalizes
this split to some extent, providing a single location (
https://www.iana.org/assignments/content-security-policy-directives/content-security-policy-directives.xhtml#directives)
that
collects all the directives that we (and others!) end up specifying. I'll
be adding super-exciting IANA sections to the various CSP modules we have
lying around, and I hope you'll do the same when you decide that you'd like
to specify your own directive(s).

Thanks!

-mike
Received on Friday, 12 February 2016 12:08:44 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:18 UTC