On 12/03/10 22:45, Nick Kralevich wrote:
To me, it seems valuable to support both X-Content-Security-Policy and X-Content-Security-Policy-Report-Only, as it allows sites to test new restrictions without disrupting their current restrictions.
That's a very good point IMO. Gerv _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security