ACTION-38: Record that ISPs should not mess with CSP, and if you are worried about this, you should do HTTPS.
Record that ISPs should not mess with CSP, and if you are worried about this, you should do HTTPS.
- State:
- closed
- Person:
- Brandon Sterne
- Due on:
- January 10, 2012
- Created on:
- January 3, 2012
- Related emails:
- No related emails
Related notes:
Executed by Abarth. Brandon to review.
http://dvcs.w3.org/hg/content-security-policy/rev/f15a0c98899c
Adam Barth, 17 Jan 2012, 22:45:52Looks good. Here is a citation we could potentially use:
http://engineering.twitter.com/2011/03/improving-browser-security-with-csp.html
Display change log.