Brad Hill writes:
> Paging (future Dr.) Deian Stefan to the ER...
>
> Any thoughts on using COWL for this kind of thing, with a pinned crypto key
> as a confinement label to be combined with the regular Origin label?
Thanks for paging me! I've thought about something like
+1
Mike West writes:
> The CSP spec should just delegate to HTML here. If/when HTML defines
> sandboxing with regard to Workers, CSP will just start using those hooks.
Reasonable, the issue also appears outside CSP: if I create a worker in
a sandboxed iframe, what should its origin be? (Or sho
Hey guys,
I am implementing CSP for Workers in Firefox, but like to get a
clarification on workers and the sandbox flag. Currently, a Worker can
inherit or be accompanied by a CSP header. As written, the implications
of the sandbox directive on the Worker context is not clear.
[Following up on h