On Thu, Dec 29, 2011 at 5:01 PM, =JeffH <[email protected]> wrote: > Adam Barth noted: >> I would also define the precise requirements for parsing all possible >> input sequences, but I understand that's not fashionable. > > By that, you are suggesting specification of parsing algorithms as done in > RFC6265 "HTTP State Management Mechanism", yes?
I actually think what we're doing for CSP is slightly better: http://www.w3.org/TR/CSP/#policies Adam _______________________________________________ websec mailing list [email protected] https://www.ietf.org/mailman/listinfo/websec
