Re: [CSP3] Nonce Mismatch

Looks like I hit the Send button too fast.
There seems to be a a faster process for accepting PRs which do not concern
a normative part of a specification. This requires having a W3C Member mark
the PR as non-substantive here
<https://labs.w3.org/repo-manager/pr/id/w3c/webappsec-csp/505>.

On Tue, Jun 29, 2021 at 2:20 PM Ionuț Ambrosie <ambrosie@spotify.com> wrote:

> Nice spot Edward!
>
> I've created a PR to address this here:
> https://github.com/w3c/webappsec-csp/pull/505.
> Since I am not affiliated with W3C, it looks like
> <https://labs.w3.org/repo-manager/pr/id/w3c/webappsec-csp/505> one of the
> WG’s team contacts should request me to sign the non-participant licensing
> commitments first.
>
> On Tue, Jun 29, 2021 at 9:59 AM Edward Chorbajian <ec1454@stern.nyu.edu>
> wrote:
>
>> Hello,
>>
>>
>>
>> In https://www.w3.org/TR/CSP3/#strict-dynamic-usage, EXAMPLE 23, the
>> nonce
>>
>>
>> 'nonce-DhcnhD3khTMePgXwdayK9BsMqXjhguV'
>>
>>
>> does not match
>>
>>
>> nonce="DhcnhD3khTMePgXwdayK9BsMqXjhguVV"
>>
>>
>> because there is a missing 'V'. Please add a 'V' at the end of the first
>> nonce.
>>
>>
>>
>> Regards,
>>
>> Ed Chorbajian
>>
>

Received on Tuesday, 29 June 2021 12:26:42 UTC