On Sat, Jun 18, 2016 at 4:55 PM, Anne van Kesteren <[email protected]> wrote: > Isn't the problem more that if you use CSP to block outgoing > connections, WebRTC can be used for exfiltration during XSS?
I filed https://github.com/w3c/webappsec-csp/issues/92 to start the standards discussion. -- https://annevankesteren.nl/ _______________________________________________ dev-platform mailing list [email protected] https://lists.mozilla.org/listinfo/dev-platform
