public-webappsec@w3.org from September 2012 by thread

Regrets 9/25 Jacob Rossi (Tuesday, 25 September)

CORS test status gopal.raghavan@nokia.com (Tuesday, 25 September)

CfC: FPWD of UI Safety Directives for CSP Hill, Brad (Tuesday, 25 September)

test Hodges, Jeff (Tuesday, 25 September)

Re: [CSP] Extensions and user script? (Some feedback) Odin Hørthe Omdal (Tuesday, 25 September)

Regrets for today's call. Brad Hill (Tuesday, 25 September)

Agenda for September 25 Call Eric Rescorla (Tuesday, 25 September)

CSP connect-src and browser plugins Erlend Oftedal (Sunday, 23 September)

CSP Sandbox directive and meta tag - CSP 1.1 Tanvi Vyas (Tuesday, 18 September)

unsafe-inline for style-src Tanvi Vyas (Tuesday, 18 September)

[webappsec] "certificates differ" text in CORS Hill, Brad (Friday, 14 September)

RE: CSP 1.0: relaxing mandated enforcing and monitoring to avoid Erlend Oftedal (Friday, 14 September)

CSP 1.0: relaxing mandated enforcing and monitoring to avoid probing and to avoid content being written to depend on CSP. Fred Andrews (Thursday, 13 September)

ISSUE-6 comments addressed Adam Barth (Thursday, 13 September)

UI Safety - input protection obstruction check challenges Fred Andrews (Wednesday, 12 September)

Re: some further Comments on Content Security Policy 1.0 Editor's Draft =JeffH (Tuesday, 11 September)

[webappsec] Agenda for today's WebAppSec WG call Hill, Brad (Tuesday, 11 September)

webappsec-ISSUE-19 (Interaction of CSP and IRIs): How are non-ASCII characters handled in CSP Web Application Security Working Group Issue Tracker (Tuesday, 11 September)

webappsec-ISSUE-18 (CSP as risk assessment score): Use CSP to report app risk and compatibility with user specified restrictions Web Application Security Working Group Issue Tracker (Tuesday, 11 September)

webappsec-ISSUE-17 (Extension compat): CSP should take into account extensions which modify content Web Application Security Working Group Issue Tracker (Tuesday, 11 September)

webappsec-ISSUE-16 (CSP informs client, cannot restrict it): Editorial: CSP cannot dictate client behavior, only inform it Web Application Security Working Group Issue Tracker (Tuesday, 11 September)

Re: New clickjacking research published Fred Andrews (Tuesday, 11 September)

[webappsec] Major update to UI Safety Hill, Brad (Tuesday, 11 September)

script-tag with html template-content Oscar Finnsson (Monday, 10 September)

Feedback on the Content Security Policy 1.0 Fred Andrews (Monday, 10 September)

CSP 1.0 browser compliance testing Erlend Oftedal (Friday, 7 September)

Interaction of CSP and IRIs Boris Zbarsky (Thursday, 6 September)

Re: Call for Consensus: Content Security Policy 1.0 to Candidate Recommendation Adam Barth (Thursday, 6 September)

[webappsec] Call for Consensus: Content Security Policy 1.0 to Candidate Recommendation Hill, Brad (Tuesday, 4 September)

CSP 1.1: Paths in source list definitions. Mike West (Monday, 3 September)

Re: some further Comments on Content Security Policy 1.0 Editor's Draft Mike West (Monday, 3 September)

Last message date: Saturday, 29 September 2012 04:06:06 UTC