| CARVIEW |
Select Language
HTTP/2 200
date: Wed, 08 Oct 2025 21:53:36 GMT
content-type: text/html;charset=utf-8
content-encoding: gzip
content-location: 2131.html
vary: negotiate,Accept-Encoding
tcn: choice
last-modified: Mon, 11 Dec 2023 11:50:19 GMT
cache-control: max-age=21600
expires: Thu, 09 Oct 2025 03:53:36 GMT
x-backend: www-mirrors
x-request-id: 98b8df386ea77679
strict-transport-security: max-age=15552000; includeSubdomains; preload
content-security-policy: frame-ancestors 'self' https://cms.w3.org/ https://cms-dev.w3.org/; upgrade-insecure-requests
cf-cache-status: BYPASS
set-cookie: __cf_bm=.EnjfwnF6MzJivbEpSnvf36x6EMosnJMKqox9Y17KVg-1759960416-1.0.1.1-afrJ_skfhCnV4twM3_LZHf8dHvrXHRUbxWP3pUfuCXrElF.JaxISXZkgRgVjD7eAmBhVt3e5ToNmO2bcB7iqfV3fL5984Rg5YAW555tnJCM; path=/; expires=Wed, 08-Oct-25 22:23:36 GMT; domain=.w3.org; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 98b8df386ea77679-BLR
alt-svc: h3=":443"; ma=86400
ACTION-2131: Ask webappsec if csp is meant to block bookmarklets, and raise issue of a11y scripts that users explicitly request (not xss) - Accessible Platform Architectures Working Group Tracker
Janina Sajka <janina@rednote.net>, Matthew Atkinson <m.atkinson@samsung.com>, Chairs, Ruoxi Ran <ran@w3.org>, Staff Contact
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 2131.html,v 1.2 2023/12/11 11:50:20 dmontalvo Exp $
Accessible Platform Architectures Working Group Issue Tracking
ACTION-2131: Ask webappsec if csp is meant to block bookmarklets, and raise issue of a11y scripts that users explicitly request (not xss)
Ask webappsec if csp is meant to block bookmarklets, and raise issue of a11y scripts that users explicitly request (not xss)
- State:
- open
- Person:
- Becky Gibson
- Due on:
- July 29, 2020
- Created on:
- May 10, 2017
- Associated Product:
- Spec reviews
- Related emails:
- Re: Agenda: APA WEEKLY Teleconference; Wednesday 22 July at 1600Z (from matkinson@paciellogroup.com on 2020-07-22)
- APA call minutes 2018-12-12 (from zimmermann@accesstechnologiesgroup.com on 2018-12-12)
- APA call minutes 2018-11-07 (from zimmermann@accesstechnologiesgroup.com on 2018-11-07)
- APA minutes 2017-08-23 (from zimmermann@accesstechnologiesgroup.com on 2017-08-23)
- minutes for June 21 (from Ted_Drake@intuit.com on 2017-06-21)
- Draft minutes of APA call on 2017-05-17 (from zimmermann@accesstechnologiesgroup.com on 2017-05-19)
- apa-ACTION-2131: Ask webappsec if csp is meant to block bookmarklets, and raise issue of a11y scripts that users explicitly request (not xss) (from sysbot+tracker@w3.org on 2017-05-10)
Related notes:
[MichaelC]: https://www.w3.org/WAI/APA/wiki/Content_Security_Policy_Level_3
22 Jul 2020, 16:38:21Latest editor's draft of webappsec https://w3c.github.io/webappsec-csp/ (Feb, 2019)
CSP open issues: https://github.com/w3c/webappsec/labels/CSP
No mailing list activity since early 2019.
Need to at least scan spec to create an informed issue.
Display change log.
Janina Sajka <janina@rednote.net>, Matthew Atkinson <m.atkinson@samsung.com>, Chairs, Ruoxi Ran <ran@w3.org>, Staff Contact
Tracker: documentation, (configuration for this group), originally developed by Dean Jackson, is developed and maintained by the Systems Team <w3t-sys@w3.org>.
$Id: 2131.html,v 1.2 2023/12/11 11:50:20 dmontalvo Exp $