|Summary:||Support Mozilla's CSP proposal|
|Product:||WebKit||Reporter:||Peter Kasting <pkasting>|
|Severity:||Enhancement||CC:||abarth, ap, aroben, bugmail, bugzilla, ddkilzer, johnath, jwalden+bwo, mike, sam|
|Version:||528+ (Nightly build)|
Description Peter Kasting 2009-10-05 10:13:34 PDT
CSP, as described in the above URL, is a proposal to enhance site security by allowing web authors to restrict what sorts of capabilities a page has. Implementing this would be a boon for web authors trying to reduce XSS and similar attacks.
Comment 1 Adam Barth 2009-10-05 10:20:49 PDT
I talked to Sid via chat. He said he'd thrilled if we implemented CSP. It might be the right time to review the spec in detail and start a prototype implementation.