Re: [secure-contexts] Just this source, silence network communication

On Sat, Apr 14, 2018 at 10:03 AM Devdatta Akhawe <>

I feel like a lot (most?) of the security headers and stuff we build
> is to help site operators (esp security teams for webapps) not make
> mistakes. Everyone could in theory write a secure site but in practice
> it is very hard. The same argument applies to CSP whitelist sources,
> suborigins, the referrer-policy header and so on. Setting it in one
> place makes security engineering's job a lot easier and the likelihood
> of bugs much lower.


But in the original post, I sensed a possibility that such a mechanism
could grow to become a promise to users, in a way that I think CSP has not.
(And, when I have heard of this or similar threat models before, it was
explicitly expressed as a promise from the site operators to the users.
Maybe that's not what the original poster intended, but I'm always on the
look-out for promises we might be making but can't keep.)

Received on Monday, 16 April 2018 16:22:09 UTC