Sid has updated the Content Security Policy spec to address some of the issues discussed here. https://wiki.mozilla.org/Security/CSP/Spec
You can see the issues we've been tracking and the resolutions at the Talk page: https://wiki.mozilla.org/Talk:Security/CSP/Spec There are still a few open issues. _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
