Archamedis.NET - The Code Strikes Back!
SUPERCOMPUTER: what it sounded like before you bought it.


Web Standards... Drafts or Wishes?

So yes, I know I'm getting to CSP late but better late than not at all eh?

There seems to be major lag time between the drafts and whatever is happening IRL. Apparently back in 2016, the report-uri method in the CSP was deprecated in favor of a new reporting mechanism, report-to. The section of the draft for report-uri literally says:

Deprecated
This feature has been removed from the Web standards. Though some browsers may still support it, it is in the process of being dropped. Avoid using it and update existing code if possible; see the compatibility table at the bottom of this page to guide your decision. Be aware that this feature may cease to work at any time.

Ok! No problem! I read the above as don't use report-uri, use report-to.

So I head over to the report-to section in the same draft that was updated on Mar 29, 2018, 4:25:30 PM and its looking good until I get to the browser compatibility table. Literally nothing supports it... not even basic support. In 2 years, no movement? I get why their trying to move away from report-uri but 2 years? I'm glad I read through the whole section before I started coding. My carpal tunnel laden hands would have been sorely pissed.



Took 0.01s   -=[FFS v.3.3.2b (ffs-rel)]=-