W3C home > Mailing lists > Public > public-webappsec@w3.org > December 2017

A 'navigation-to' CSP directive

From: Andy Paicu <andypaicu@chromium.org>
Date: Fri, 1 Dec 2017 11:54:34 +0100
Message-ID: <CALTCLq7S_K6MBc9fXwoNwfTfoDF-yXo5KX6Ygm6EsMp-xE7arA@mail.gmail.com>
To: public-webappsec@w3.org
Hello all,

Following the discussions at TPAC I have put together a document
proposal/explainer around a 'navigation-to' CSP directive.

This directive can help web authors control the top level navigations
allowed from their page and I have listed some scenarios where such a
directive could be used.

If you are interested, please have a look and feel free to leave comments.

https://docs.google.com/a/chromium.org/document/d/1eMfw7sSIPtPPs9T3K2C8SfDi3Q7OXRTrRDdkGOLb19M/edit?usp=sharing

Regards,
Andy Paicu
Received on Friday, 1 December 2017 11:00:14 UTC

This archive was generated by hypermail 2.3.1 : Friday, 1 December 2017 11:00:15 UTC