[whatwg] Clickjacking and CSRF

On Thu, Jul 16, 2009 at 2:25 PM, Aryeh Gregor<Simetrical+w3c at gmail.com> wrote:
> Is there support in the spec for pinging the report-uri on violations,
> but still allowing the violation to go through? ?That could allow much
> easier deployment, so that you could verify that your policy wasn't
> blocking anything legitimate. ?I don't see it anywhere, but I didn't
> look very hard.

I don't think so. I've cc'ed the relevant people that can answer.

/ Jonas

Received on Thursday, 16 July 2009 15:13:56 UTC