Sorry. I just read that blink-dev thread 1 minute ago.
-
-
Replying to @BRIAN_____
: I wasn't being sarcastic, by the way. I really do value your feedback, even if it usually means I've done something wrong.
1 reply 0 retweets 0 likes -
Replying to @mikewest
Consistently poor timing on my part, as I only have time to read webappsec stuff after everything is supposedly done.
1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
: 1. Better late than never. 2. Nothing is ever done.
1 reply 0 retweets 1 like -
Replying to @mikewest
OK, then any way somebody could draw a picture that illustrates interaction of a page's CSP policy enforcement w/ Service Workers?
2 replies 0 retweets 0 likes -
Replying to @BRIAN_____
: Page --{Page's CSP}--> SW --{SW's CSP}--> Internet --> SW --{Page's CSP}--> Page. I'll try to make a prettier diagram.
1 reply 0 retweets 2 likes -
Replying to @mikewest
That's mos of what I want to know. I wonder how any web devs would know that or figure it out. Even as a full time spec reader...
1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
: I was thinking about that in the shower this morning. CSP focuses too much on algorithms and too little on the high-level goal.
1 reply 0 retweets 3 likes -
Replying to @mikewest
Let's quit our jobs, move into an ivory tower on a volcano in the middle of the Pacific, and write a book about this stuff!
1 reply 0 retweets 1 like -
Replying to @BRIAN_____
: Are you writing a book? You should write a book. I'd buy it!
2 replies 0 retweets 0 likes
I have an idea for a webappsec book but it requires at least one other person who actually knows something about the subject.
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.