Bug 58644 - CSP xhr-src is missing
Summary: CSP xhr-src is missing
Status: RESOLVED LATER
Alias: None
Product: WebKit
Classification: Unclassified
Component: Tools / Tests (show other bugs)
Version: 528+ (Nightly build)
Hardware: All All
: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks: 53572
  Show dependency treegraph
 
Reported: 2011-04-15 00:24 PDT by Adam Barth
Modified: 2011-04-23 21:37 PDT (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Adam Barth 2011-04-15 00:24:17 PDT 
CSP xhr-src is missing
Comment 1 Adam Barth 2011-04-23 21:37:05 PDT 
The current plan is to not implement this directive at this time.  This directive is different from the other "src" directives in that it controls a DOM API rather than an HTML element.  There are other DOM APIs that aren't covered, such as new Worker().  It seems like the main value in CSP is in controlling what HTML elements can do.