SecurityEngineering/CSP Radar

From MozillaWiki
Jump to: navigation, search

CSP: the Future™

Bugs

Things To Do ?

  • script-nonce / script-hash (CSP 1.1)
  • paths (CSP 1.1)
  • sandbox (options 1.0, in csp1.1)
  • anything else from CSP 1.1 or UI Safety specs ?
  • frame-options (pretty much == frame-ancestors)
  • redirects / general nsIContentPolicy issue ?

ACTIONS