#31923: Add Support for Cross-Origin Embedder Policy and Cross-Origin Resource
Policy Headers
-------------------------------------+-------------------------------------
Reporter: meggles711 | Owner:
| meggles711
Type: New feature | Status: assigned
Component: HTTP handling | Version: dev
Severity: Normal | Resolution:
Keywords: COEP, header, CORP, | Triage Stage:
security | Someday/Maybe
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by Carlton Gibson):
Adam, can I ask you to put your mind to how we might encapsulate these
headers ([https://groups.google.com/g/django-developers/c/WJAbbwJKp30/m
/7At-ZvglAQAJ as per the mailing list thread])?
I imagine there's no perfect option here.
Maybe a class (a namespace) with class attributes for each header. Many
users would never need to think about this. Those that did could define a
single subclass (in a project/conf/default_header.py) and set that.
Maybe something different but, we should establish sensible defaults and
then allow users to not need to confront these details until they need to.
Beyond that, generally +0 if they've reached stable status.
--
Ticket URL: <https://code.djangoproject.com/ticket/31923#comment:4>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/068.5cc91a7b4986c0941734d0286d908618%40djangoproject.com.
