A 'navigation-to' CSP directive from Andy Paicu on 2017-12-01 (public-webappsec@w3.org from December 2017)

From: Andy Paicu <andypaicu@chromium.org>
Date: Fri, 1 Dec 2017 11:54:34 +0100
To: public-webappsec@w3.org
Message-ID: <CALTCLq7S_K6MBc9fXwoNwfTfoDF-yXo5KX6Ygm6EsMp-xE7arA@mail.gmail.com>

Hello all,

Following the discussions at TPAC I have put together a document
proposal/explainer around a 'navigation-to' CSP directive.

This directive can help web authors control the top level navigations
allowed from their page and I have listed some scenarios where such a
directive could be used.

If you are interested, please have a look and feel free to leave comments.

https://docs.google.com/a/chromium.org/document/d/1eMfw7sSIPtPPs9T3K2C8SfDi3Q7OXRTrRDdkGOLb19M/edit?usp=sharing

Regards,
Andy Paicu

Received on Friday, 1 December 2017 11:00:14 UTC