public-webappsec@w3.org from July 2015 by subject

[clear-site-data] implications on autofill / autocomplete behavior by browsers

[credential-management] Identity at Mozilla

[EPR] initial feedback

[mixed-content] DASH Players and Mixed Content

[powerful-features] Talking about the "incumbent settings object" of a document makes no sense

[powerful-features] The note about responsible documents and workers makes no sense

[powerful-features] Use of the active document in defining a secure context is fishy

[webappsec] CfC: Proposed non-normative updates to CORS

[webappsec] Monday's call CANCELLED

[webappsec] New stylesheets for TRs

Ambitious charter timeline

Application Hash exchange between client and server

Call for Exclusions (Update): Credential Management Level 1

Call for Exclusions (Update): The Permissions API

Call for Exclusions: Content Security Policy Level 2

CfC: Clear Site Data to FPWD; deadline July 24th.

CfC: Mixed Content to PR; deadline July 6th.

CfC: Republish MIX as CR; deadline July 29th.

CLEAR: Moved to WebAppSec repository.

Coming back to CREDENTIAL.

CSP2: Drop 'unsafe-redirect'.

CSP: Blob URLs in new windows.

Definition of secure origin in MIX and POWER

Directions to Mozilla Berlin (Re: Draft agenda for Berlin F2F)

Draft agenda for Berlin F2F

Garage4Hackers Mobile Application CTF is up

Guests at Berlin F2F

Permissions management, IoT/embedded devices and the permissions API

Post-Zakim calls? (Re: [webappsec] Teleconference Agenda 29-Jun)

Programmatically declaring the CSP of an iframe

SRI fail open behaviour

Suggestion for code exposure security

Testing W3C's HTTPS setup

UPGRADE: 'HTTPS' header causing compatibility issues.

WebAppSec Teleconference Agenda

Last message date: Friday, 31 July 2015 20:23:11 UTC