An extensible approach to browser security

Alex Russell posted some thoughts last year about how he wishes the W3C would architect the next version of the Content Security Policy.

I definitely agree with Alex that designing CSP as a library that uses other browser primitives would increase its long-term utility and make it compose better with other platform features.