Motivation: The directive 'plugin-types' allows developers to restrict which types of plugin can be loaded via <embed> or <object> html elements. The main point was to allow developers to block Flash in their pages. But Flash support has been discontinued. As noticed in https://github.com/w3c/webappsec-csp/issues/394, the 'plugin-types' directive also suffers from some security issues. So there is not much point in having this anymore, and it seems a good occasion to remove it.
None
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOzWxF4nxPt8-50fonALCNXw9Ez0qbvv7BAVCvX%3D7ezgiP9S8w%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOzWxF582BqLCaEXZccB2pH5F30Y0R2Mk%2B%2Bb6XHoBThUp4BogA%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAOzWxF6hpxoJYy6-b5RPVfaM_Autr7ULZ-Vxf50Gs9KyedPL0g%40mail.gmail.com.