ACTION-2131: Ask webappsec if csp is meant to block bookmarklets, and raise issue of a11y scripts that users explicitly request (not xss)

Ask webappsec if csp is meant to block bookmarklets, and raise issue of a11y scripts that users explicitly request (not xss)

State:
open
Person:
Becky Gibson
Due on:
July 29, 2020
Created on:
May 10, 2017
Associated Product:
Spec reviews
Related emails:
  1. Re: Agenda: APA WEEKLY Teleconference; Wednesday 22 July at 1600Z (from matkinson@paciellogroup.com on 2020-07-22)
  2. APA call minutes 2018-12-12 (from zimmermann@accesstechnologiesgroup.com on 2018-12-12)
  3. APA call minutes 2018-11-07 (from zimmermann@accesstechnologiesgroup.com on 2018-11-07)
  4. APA minutes 2017-08-23 (from zimmermann@accesstechnologiesgroup.com on 2017-08-23)
  5. minutes for June 21 (from Ted_Drake@intuit.com on 2017-06-21)
  6. Draft minutes of APA call on 2017-05-17 (from zimmermann@accesstechnologiesgroup.com on 2017-05-19)
  7. apa-ACTION-2131: Ask webappsec if csp is meant to block bookmarklets, and raise issue of a11y scripts that users explicitly request (not xss) (from sysbot+tracker@w3.org on 2017-05-10)

Related notes:

[MichaelC]: https://www.w3.org/WAI/APA/wiki/Content_Security_Policy_Level_3

22 Jul 2020, 16:38:21

Latest editor's draft of webappsec https://w3c.github.io/webappsec-csp/ (Feb, 2019)
CSP open issues: https://github.com/w3c/webappsec/labels/CSP
No mailing list activity since early 2019.
Need to at least scan spec to create an informed issue.

Becky Gibson, 11 Aug 2020, 21:20:07

Display change log.


Janina Sajka <janina@rednote.net>, Matthew Atkinson <matkinson@tpgi.com>, Chairs, Michael Cooper <cooper@w3.org>, Ruoxi Ran <ran@w3.org>, Staff Contacts
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: index.php,v 1.326 2018/10/13 17:29:51 vivien Exp $