On Thu, 16 Jul 2009 03:48:41 +0200, Aryeh Gregor
<[email protected]> wrote:
On Wed, Jul 15, 2009 at 9:24 PM, Jonas Sicking<[email protected]> wrote:
Note that Content Security Policies[1] can be used to deal with
clickjacking. So far we've gotten a lot of positive feedback to CSP
and are in progress of implementing it in firefox. So it's a possible
solution to this.
Is Mozilla planning to run CSP through a usual standards body like the
W3C, either before or after implementation? If you plan to
standardize it after implementation, why not before instead? CSP
looks really exciting, but I'm not clear on whether or when it will be
standardized -- I've heard talk of implementing it, but not of
standardizing it.
Opera has been actively following up this problem with various browser
vendors (in particular) in the hopes of at least getting us all together
in a useful forum. If you're curious, Sigbjørn is our lead for this effort.
cheers
Chaals
--
Charles McCathieNevile Opera Software, Standards Group
je parle français -- hablo español -- jeg lærer norsk
http://my.opera.com/chaals Try Opera: http://www.opera.com
