ISSUE-7: Should the policy-uri directive be in CSP 1.0?

policy-uri

Should the policy-uri directive be in CSP 1.0?

State:
CLOSED
Product:
CSP Level 1
Raised by:
Adam Barth
Opened on:
2011-11-03
Description:
The policy-uri directive lets a document refer to an external URI to provide a CSP policy. Firefox has implemented policy-uri, so it is a candidate for inclusion in CSP 1.0.

bsterne notes that folks are already using this directive and like it.
abarth notes that this directive is slow because it requires a synchronous network fetch.

Next steps:

1) jrossi to provide input: http://www.w3.org/2011/webappsec/track/actions/25
Related Actions Items:
No related actions
Related emails:
No related emails

Related notes:

No. Cut from v 1.0

Brad Hill, 2 May 2012, 18:27:03

Display change log ATOM feed

Daniel Veditz <dveditz@mozilla.com>, Mike West <mkwst@google.com>, Chairs, Wendy Seltzer <wseltzer@w3.org>, Samuel Weiler <weiler@w3.org>, Staff Contacts
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 7.html,v 1.1 2020/01/17 08:52:42 carcone Exp $