text/staticHTML and content security policy [was: Sniffing and HTTP-bis] from Dan Connolly on 2009-12-07 (www-tag@w3.org from December 2009)

From: Dan Connolly <connolly@w3.org>
Date: Mon, 07 Dec 2009 12:03:35 -0600
To: "Henry S. Thompson" <ht@inf.ed.ac.uk>
CC: Tim Berners-Lee <timbl@w3.org>, Jonathan Rees <jar@creativecommons.org>, David Booth <david@dbooth.org>, www-tag@w3.org
Message-ID: <4B1D4377.6020609@w3.org>

Henry S. Thompson wrote:
> [...]
> That is, supposing there were a media type text/staticHTML, which
> meant, effectively, interpret as HTML with noscript applying
> throughout.
FYI,  that, among other things, is expressible using the Content 
Security Proposal.
http://www.w3.org/Security/wiki/Content_Security_Policy

It introduces an HTTP X-Content-Security-Policy header field
(which can be expressed using <meta http-equiv>).

p.s. tracker, I'd like more bonus points for this msg under ACTION-323 .

-- 
Dan

Received on Monday, 7 December 2009 18:03:45 UTC