Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CSP referrer error #202

Closed
laukstein opened this issue Jan 5, 2016 · 2 comments
Closed

CSP referrer error #202

laukstein opened this issue Jan 5, 2016 · 2 comments

Comments

@laukstein
Copy link

validator.w3.org/nu/ for header content-security-policy:referrer no-referrer shows

Error: Content-Security-Policy HTTP header: Bad content security policy: The referrer directive is not in the CSP specification yet.

No errors while checking trough html5.validator.nu.
Is validator.w3.org/nu/ outdated?

Spec https://w3c.github.io/webappsec-referrer-policy/, http://www.w3.org/TR/referrer-policy/, https://developer.mozilla.org/en-US/docs/Web/Security/CSP/CSP_policy_directives#referrer

@sideshowbarker
Copy link
Contributor

That message comes from a 3rd-party lib we use for CSP syntax checking. So please consider reporting the problem upstream at https://github.com/shapesecurity/salvation/issues

No errors while checking trough html5.validator.nu.
Is validator.w3.org/nu/ outdated?

html5.validator.nu is typically months out of date these days. validator.w3.org/nu/ is always kept up to date with the latest changes to the sources. In this case, CSP syntax checking was added just a few days ago.

@sideshowbarker
Copy link
Contributor

I’ve fixed this and pushed the change to https://validator.w3.org/nu/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants