W3C home > Mailing lists > Public > public-webappsec@w3.org > March 2013

[webappsec] new draft of UI Security available

From: Hill, Brad <bhill@paypal-inc.com>
Date: Tue, 5 Mar 2013 05:32:00 +0000
To: "public-webappsec@w3.org" <public-webappsec@w3.org>
Message-ID: <370C9BEB4DD6154FA963E2F79ADC6F2E27950BCB@DEN-EXDDA-S12.corp.ebay.com>
A new Editors' Draft of UI Security is now available at:

https://dvcs.w3.org/hg/user-interface-safety/raw-file/0475e30847bf/user-interface-safety.html

This version changes the spec name from "UI Safety" to "UI Security", resolves most of the previously noted issues and TODOs in the FPWD, cleans up example language and markup, fills-in missing references, and addresses comments to the list, including recent review by David Ross.  It changes the ABNF of frame-options to allow multiple values for host-source, while discouraging this in non-normative discussion.

A complete diff with the FPWD can be viewed at:

http://services.w3.org/htmldiff?doc1=http%3A%2F%2Fwww.w3.org%2FTR%2FUISafety%2F&doc2=https%3A%2F%2Fdvcs.w3.org%2Fhg%2Fuser-interface-safety%2Fraw-file%2F0475e30847bf%2Fuser-interface-safety.html

I think we're getting pretty close on this one, actually.  I'd like to discuss publishing this as a new Working Draft on the next call, so detailed review is appreciated.

Thanks,

Brad Hill
Received on Tuesday, 5 March 2013 05:32:29 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 5 March 2013 05:32:29 GMT