-
Notifications
You must be signed in to change notification settings - Fork 27
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
allow secure variant of scheme when only insecure is given #91
Comments
Actually, this is going to be CSP3 feature. We have an option to either branch, or have the same code base for all versions with upper version specifier.. |
I think we should just track the most recent version, as is done with most tooling for web features. |
Then we also need to support directives that exist in most recent version. |
6.1.10.3, 3, 2: If expression does not have a scheme-part ... changes the assumption that missing scheme in |
example:
|
See recent spec change here: w3c/webappsec-csp#25 (comment)
The text was updated successfully, but these errors were encountered: