Details on Product CSP Level 1

All Issues

New issues for this product are notified to public-webappsec@w3.org (change it).

There are 16 issues listed in the system.

ID State Title Raised on Product Open Actions
ISSUE-3 (edit) CLOSED How to handle directives that are not understood in v 1.0 2011-10-31 CSP Level 1 0
ISSUE-4 (edit) CLOSED Solicit for input on policy intersection / conflict resolution 2011-10-31 CSP Level 1 0
ISSUE-6 (edit)
sandbox		 CLOSED Should the sandbox directive be part of CSP 1.0? 2011-11-03 CSP Level 1 0
ISSUE-7 (edit)
policy-uri		 CLOSED Should the policy-uri directive be in CSP 1.0? 2011-11-03 CSP Level 1 0
ISSUE-8 (edit) CLOSED Identify proper behavior for html added via plugins / object tag 2011-11-22 CSP Level 1 0
ISSUE-9 (edit) CLOSED Should the user agent fire the error event when an img-src load fails? 2012-01-17 CSP Level 1 0
ISSUE-10 (edit) CLOSED Processing model for object element and frame-src directive 2012-01-17 CSP Level 1 0
ISSUE-11 (edit)
Violation report privacy		 CLOSED Violation report privacy issues 2012-01-17 CSP Level 1 0
ISSUE-12 (edit) CLOSED Should 'self' be required to be replaced by explict host in reports? 2012-01-17 CSP Level 1 0
ISSUE-13 (edit)
URI Fragments in 1.1		 CLOSED Optionally include URI fragments in violation reports for v1.1 2012-02-14 CSP Level 1 0
ISSUE-14 (edit)
META tag for CSP		 CLOSED Investigate whether to keep the META tag for CSP 2012-03-13 CSP Level 1 0
ISSUE-16 (edit)
CSP informs client, cannot restrict it		 CLOSED Editorial: CSP cannot dictate client behavior, only inform it 2012-09-11 CSP Level 1 0
ISSUE-17 (edit)
Extension compat		 CLOSED CSP should take into account extensions which modify content 2012-09-11 CSP Level 1 0
ISSUE-18 (edit)
CSP as risk assessment score		 CLOSED Use CSP to report app risk and compatibility with user specified restrictions 2012-09-11 CSP Level 1 0
ISSUE-19 (edit)
Interaction of CSP and IRIs		 CLOSED How are non-ASCII characters handled in CSP 2012-09-11 CSP Level 1 0
ISSUE-41 (edit)
CSP and malicious extensions		 CLOSED CSP does not protect against malicious extensions 2012-12-19 CSP Level 1 0

All Actions

There are 0 actions.

Add a new action item.

See only open and raised issues and actions.

Daniel Veditz <dveditz@mozilla.com>, Mike West <mkwst@google.com>, Chairs, Wendy Seltzer <wseltzer@w3.org>, Samuel Weiler <weiler@w3.org>, Staff Contacts
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: all.html,v 1.1 2020/01/17 08:52:49 carcone Exp $