public-webappsec@w3.org from September 2014 by thread

Feature-detecting a Content Security Policy Marijn Haverbeke (Friday, 26 September)

[webappsec] Changing my organizational hats Brad Hill (Friday, 26 September)

Redirects and HSTS Anne van Kesteren (Friday, 26 September)

Re: Proposal: Prefer secure origins for powerful new web platform features Anne van Kesteren (Friday, 26 September)

Re: Verified Javascript for WebAppSec re-chartering? Harry Halpin (Wednesday, 24 September)

Looking for a home for a proposed Credential Management API. Mike West (Wednesday, 24 September)

Fwd: Verified Javascript for WebAppSec re-chartering? Harry Halpin (Wednesday, 24 September)

[webappsec] tomorrow's call CANCELLED Brad Hill (Wednesday, 24 September)

Subresource integrity in Chromium Joel Weinberger (Tuesday, 23 September)

[Integrity] Some comments on Cross-Origin leakage and content types Arjan Veenstra (Saturday, 20 September)

Proposal: not-a-scheme digest URI scheme, with graceful degradation Eduardo Robles Elvira (Saturday, 20 September)

[webappsec] Re-chartering discussions at TPAC Brad Hill (Wednesday, 17 September)

Review request for a few WebAppSec specs. Hill, Brad (Tuesday, 16 September)

[Integrity] Some comments on Subresource Integrity draft Ángel González (Monday, 15 September)

[webappsec] Poll: new teleconference time Hill, Brad (Monday, 15 September)

[MIX] Feedback on the private origin & self-signed certificate requirements Chen, Zhigao (Sunday, 14 September)

[CSP] compatibility between CSP1.1 and CSP2 Hatter Jiang OWS (Friday, 12 September)

Review request for a few WebAppSec specs. Mike West (Friday, 12 September)

HTML Imports vs unsafe-inline Jeffrey Yasskin (Thursday, 11 September)

[webappsec] Agenda: WebAppSec WG Teleconference 10-September-2014 08:00 PDT Brad Hill (Tuesday, 9 September)

CSP: Minimum cipher strength Erlend Oftedal (Monday, 8 September)

[CSP] why we do it! Kevin Hill (Monday, 8 September)

Re: XMLHttpRequest. Support for "OPTIONS *" method. Anne van Kesteren (Friday, 5 September)

Re: SRI: <a> vs integrity Julian Reschke (Thursday, 4 September)

CSP reports on eval() and inline Pawel Krawczyk (Wednesday, 3 September)

CfC: Publish a new WD of MIX. Mike West (Wednesday, 3 September)

webappsec-ISSUE-67: WebRTC via 'connect-src'? Web Application Security Working Group Issue Tracker (Wednesday, 3 September)

Re: Defining secure-enough origins. Chris Palmer (Tuesday, 2 September)

Re: [webappsec] Concluding the Last Call period for CSP Level 2 Mike West (Monday, 1 September)

Re: [CSP] Compatibility with 1.1 or 1.0 Mike West (Monday, 1 September)

Re: CSP Level 2 last call comment Mike West (Monday, 1 September)

Re: ISSUE-65: Does "no referrer" specify a state or is it a token? is a token with a space problematic? Mike West (Monday, 1 September)

Re: [CSP] may we have script-ancestors to protect JSONP call Anne van Kesteren (Monday, 1 September)

Re: [CSP] kill or delay child-src? Anne van Kesteren (Monday, 1 September)

Re: CSP for WebRTC Anne van Kesteren (Monday, 1 September)

Re: [CSP] Regarding style-src unsafe-eval and CSSOM Frederik Braun (Monday, 1 September)

Last message date: Monday, 29 September 2014 14:01:40 UTC