Add goal for transitioning websites to save states

As mentioned at <mozilla/standards-positions#20 (comment)>.
w3c · Jan 17, 2024 · 5726e11 · 5726e11
1 parent e8fb14f
commit 5726e11
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/spec/index.bs b/spec/index.bs
@@ -95,6 +95,11 @@ monitor and review.
 *   Encourage a design in which security decisions are
     encapsulated within a small part of the application.
 
+*   Enable transitioning existing websites to call alternative save methods to
+    [[#dom-xss-injection-sinks]]. Potentially with support of the <a
+    http-header>Content-Security-Policy-Report-Only</a> HTTP response header
+    field.
+
 *   Reduce security review surface for complex web application
     codebases.