Daniel Veditz wrote:
CSP is designed so that mistakes of omission tend to break the site
break. This won't introduce subtle bugs, rudimentary content testing
will quickly reveal problems.

But won't authors fail to understand how to solve the problem, and open everything wide ? From experience, that's what happens with technologies that are too complex.

A simpler syntax for simple case really would help, it's just that Ian is coming a bit late for this.
dev-security mailing list

Reply via email to