ISSUE-7: Should the policy-uri directive be in CSP 1.0?
policy-uri
Should the policy-uri directive be in CSP 1.0?
- State:
- CLOSED
- Product:
- CSP Level 1
- Raised by:
- Adam Barth
- Opened on:
- 2011-11-03
- Description:
- The policy-uri directive lets a document refer to an external URI to provide a CSP policy. Firefox has implemented policy-uri, so it is a candidate for inclusion in CSP 1.0.
bsterne notes that folks are already using this directive and like it.
abarth notes that this directive is slow because it requires a synchronous network fetch.
Next steps:
1) jrossi to provide input: http://www.w3.org/2011/webappsec/track/actions/25 - Related Actions Items:
- No related actions
- Related emails:
- No related emails
Related notes:
No. Cut from v 1.0
Brad Hill, 2 May 2012, 18:27:03Display change log