public-webappsec@w3.org from January 2013 by thread

Nonce for CSS, Signature of script, link, img? Hendrik Brummermann (Thursday, 31 January)

• RE: Nonce for CSS, Signature of script, link, img? Hill, Brad (Thursday, 31 January)
  • Re: Nonce for CSS, Signature of script, link, img? Mountie Lee (Thursday, 31 January)
    • RE: Nonce for CSS, Signature of script, link, img? Hill, Brad (Thursday, 31 January)
      • Re: Nonce for CSS, Signature of script, link, img? Mountie Lee (Thursday, 31 January)
        • RE: Nonce for CSS, Signature of script, link, img? Hill, Brad (Thursday, 31 January)
          • Re: Nonce for CSS, Signature of script, link, img? Yoav Weiss (Thursday, 31 January)

Small, non-normative changes to CSP 1.1 Mike West (Tuesday, 29 January)

Agenda for January 29 Teleconference Eric Rescorla (Tuesday, 29 January)

• Re: Agenda for January 29 Teleconference Neil Matatall (Tuesday, 29 January)
  • Re: Agenda for January 29 Teleconference Ian Melven (Tuesday, 29 January)
    • Re: Agenda for January 29 Teleconference Neil Matatall (Tuesday, 29 January)
      • Re: Agenda for January 29 Teleconference Daniel Veditz (Tuesday, 29 January)
        • Re: Agenda for January 29 Teleconference Neil Matatall (Tuesday, 29 January)
          • Re: Agenda for January 29 Teleconference Daniel Veditz (Tuesday, 29 January)
            • RE: Agenda for January 29 Teleconference Fred Andrews (Wednesday, 30 January)
  • Re: Agenda for January 29 Teleconference Eric Rescorla (Tuesday, 29 January)
    • Re: Agenda for January 29 Teleconference Eric Rescorla (Tuesday, 29 January)
• Re: Agenda for January 29 Teleconference Tobias Gondrom (Tuesday, 29 January)

[webappsec] minutes published Hill, Brad (Monday, 28 January)

Raising to the list (Re: ISSUE-29: What are sane defaults for clipping with clipping or selectors?) Giorgio Maone (Saturday, 26 January)

Heads up: proposal moving test repos to GitHub Odin Hørthe Omdal (Tuesday, 22 January)

• Re: Heads up: proposal moving test repos to GitHub gopal.raghavan@nokia.com (Tuesday, 29 January)
  • Re: Heads up: proposal moving test repos to GitHub Robin Berjon (Wednesday, 30 January)
  • Re: Heads up: proposal moving test repos to GitHub Odin Hørthe Omdal (Wednesday, 30 January)

[webappsec] Agenda for 15-Jan-2013 Teleconference Hill, Brad (Tuesday, 15 January)

When triggering default-src, report type of violation Neil Matatall (Tuesday, 15 January)

• Re: When triggering default-src, report type of violation Mike West (Tuesday, 15 January)

CSP interacting with HSTS Ian Melven (Monday, 14 January)

• Re: CSP interacting with HSTS Adam Barth (Tuesday, 15 January)
  • Re: CSP interacting with HSTS Ian Melven (Tuesday, 15 January)

[webappsec] Proposed text for jsonp directives Hill, Brad (Saturday, 12 January)

Browser Sandbox Security by internal attack Mountie Lee (Friday, 11 January)

• RE: Browser Sandbox Security by internal attack Fred Andrews (Friday, 11 January)
  • Re: Browser Sandbox Security by internal attack Mountie Lee (Monday, 14 January)
    • RE: Browser Sandbox Security by internal attack Hill, Brad (Monday, 14 January)
      • Re: Browser Sandbox Security by internal attack Mountie Lee (Tuesday, 15 January)
        • RE: Browser Sandbox Security by internal attack Fred Andrews (Tuesday, 15 January)
          • Re: Browser Sandbox Security by internal attack Mountie Lee (Wednesday, 16 January)
            • RE: Browser Sandbox Security by internal attack Fred Andrews (Monday, 21 January)

CSP & iframe subresources Yoav Weiss (Friday, 11 January)

• Re: CSP & iframe subresources Adam Barth (Friday, 11 January)
  • Re: CSP & iframe subresources Daniel Veditz (Monday, 14 January)

CSP & data URIs Yoav Weiss (Thursday, 10 January)

• Re: CSP & data URIs Boris Zbarsky (Thursday, 10 January)
  • Re: CSP & data URIs Yoav Weiss (Thursday, 10 January)
    • Re: CSP & data URIs Adam Barth (Friday, 11 January)
      • Re: CSP & data URIs Yoav Weiss (Friday, 11 January)
        • Re: CSP & data URIs Adam Barth (Friday, 11 January)

CSP and comma-separated directives Yoav Weiss (Tuesday, 8 January)

• Re: CSP and comma-separated directives Julian Reschke (Tuesday, 8 January)
  • Re: CSP and comma-separated directives Daniel Veditz (Tuesday, 8 January)
• Re: CSP and comma-separated directives Daniel Veditz (Tuesday, 8 January)
• Re: CSP and comma-separated directives Adam Barth (Tuesday, 8 January)
  • Re: CSP and comma-separated directives Yoav Weiss (Wednesday, 9 January)

'none' in a source list. Mike West (Monday, 7 January)

• Re: 'none' in a source list. Ian Melven (Monday, 7 January)
  • Re: 'none' in a source list. Adam Barth (Monday, 7 January)

Re: CSP, unsafe-eval and crypto.generateCRMFRequest Adam Barth (Saturday, 5 January)

• Re: CSP, unsafe-eval and crypto.generateCRMFRequest Ian Melven (Monday, 7 January)

Re: Line numbers in Content Security Policy reports Adam Barth (Saturday, 5 January)

Re: Comment on Content Security Policy 1.1, Draft of Dec 12 2012 Adam Barth (Saturday, 5 January)

• Re: Comment on Content Security Policy 1.1, Draft of Dec 12 2012 Yoav Weiss (Tuesday, 8 January)
  • Re: Comment on Content Security Policy 1.1, Draft of Dec 12 2012 Mike West (Tuesday, 8 January)
    • Re: Comment on Content Security Policy 1.1, Draft of Dec 12 2012 Yoav Weiss (Tuesday, 8 January)
      • Re: Comment on Content Security Policy 1.1, Draft of Dec 12 2012 Mike West (Tuesday, 8 January)

Frame-options move to the W3C David Ross (Thursday, 3 January)

• Re: Frame-options move to the W3C Tobias Gondrom (Thursday, 3 January)

Re: CSP and inline styles Ian Melven (Tuesday, 1 January)

Last message date: Thursday, 31 January 2013 09:55:46 UTC