Malika is churning out new tests on the last day of her internship: she's put Chrome in great shape to ship https://w3c.github.io/webappsec-csp/embedded/ … in Q1.
afaics https://w3c.github.io/webappsec-csp/embedded/#subsume-source-expressions … means that you can check whether a policy permits URLs with directory-level granularity?
-
-
by embedding a site with a CSP policy, without opt-in by the embedded site?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.