On 7/17/09 8:40 AM, Bil Corry wrote:
An external validation tool could help authors understand
> what their CSP rules are actually allowing/preventing (maybe
> something similar to validator.w3.org). To compliment it,
> another handy tool would be a browser plug-in that could help
> create CSP rules based on how the site actually works.
These are great ideas. We are currently working on some "how to"
documents with the spec for CSP that cover things such as "how to create
a policy for my site", and would love to see such tools come out of all
this.
-Sid
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
