public-webappsec@w3.org from June 2016 by subject

[REFERRER] Combining referrer policies

• Francois Marier (Wednesday, 29 June)
• Daniel Veditz (Wednesday, 29 June)
• Ryan Townsend (Monday, 27 June)

[review] Performance API's, Security and Privacy

• Ilya Grigorik (Wednesday, 1 June)

[suborigins] Understanding the syntax

• chloe (Tuesday, 21 June)
• Artur Janc (Tuesday, 21 June)
• Mike West (Tuesday, 21 June)
• chloe (Monday, 20 June)

[UPGRADE] upgrade-insecure-request-with-fallback

• Tanvi Vyas (Thursday, 30 June)
• Peter Eckersley (Thursday, 2 June)

[webappsec] 6/15 call CANCELLED

• Brad Hill (Tuesday, 14 June)

[webappsec] Tomorrow's teleconference CANCELLED

• Brad Hill (Wednesday, 29 June)

[webappsec] Tomorrow's teleconference CANCELLED.

• Mike West (Wednesday, 1 June)

Accessing the same CORS-Resource from multiple sites

• Reto Gmür (Thursday, 30 June)
• Brad Hill (Tuesday, 28 June)
• Reto Gmür (Tuesday, 28 June)
• Daniel Veditz (Monday, 27 June)
• Reto Gmür (Monday, 27 June)

CORS restrictions on preflight (too) strict?

• Ruben Verborgh (Wednesday, 22 June)

CSP script-src - Allow Js Events

• Joel Weinberger (Friday, 10 June)
• Harssh Mahajan (Friday, 10 June)

Draft minutes from 16,17-May-2016 F2F @Mozilla, Mtn View

• Hodges, Jeff (Wednesday, 1 June)

Finalizing the shape of CSP ‘unsafe-dynamic’

• Mike West (Monday, 20 June)
• Devdatta Akhawe (Wednesday, 8 June)
• Artur Janc (Monday, 6 June)
• Mike West (Monday, 6 June)
• Devdatta Akhawe (Monday, 6 June)
• Mike West (Monday, 6 June)
• Devdatta Akhawe (Saturday, 4 June)
• Artur Janc (Friday, 3 June)
• Devdatta Akhawe (Friday, 3 June)
• Brad Hill (Friday, 3 June)
• Artur Janc (Friday, 3 June)
• Brad Hill (Friday, 3 June)
• Artur Janc (Thursday, 2 June)

Fwd: Subresource Integrity (SRI) is now a W3C Recommendation

• Daniel Veditz (Friday, 24 June)

SameSite cookies and SAML

• Devdatta Akhawe (Sunday, 19 June)
• Brad Hill (Sunday, 19 June)
• Reed Loden (Friday, 17 June)

SameSite=Strict cookies for a user entered URL

• Mike West (Monday, 20 June)
• Craig Francis (Monday, 13 June)

Should permission requests require a user gesture?

• Chris Palmer (Friday, 10 June)
• Jeffrey Yasskin (Thursday, 2 June)

upgrade-insecure-request-with-fallback

• Tanvi Vyas (Wednesday, 1 June)

VC meeting to discuss Permissions spec

• Martin Thomson (Thursday, 9 June)
• Chaals McCathie Nevile (Thursday, 9 June)
• Anne van Kesteren (Thursday, 9 June)
• Brad Hill (Wednesday, 8 June)
• Anne van Kesteren (Monday, 6 June)
• Jeffrey Yasskin (Thursday, 2 June)
• Harald Alvestrand (Thursday, 2 June)
• Xiaoqian Wu (Thursday, 2 June)
• Jeffrey Yasskin (Wednesday, 1 June)

Whitelisting external resources by hash (was Re: Finalizing the shape of CSP ‘unsafe-dynamic’)

• Artur Janc (Wednesday, 8 June)
• Devdatta Akhawe (Wednesday, 8 June)
• Daniel Veditz (Wednesday, 8 June)
• Artur Janc (Wednesday, 8 June)
• Artur Janc (Wednesday, 8 June)
• Harssh Mahajan (Wednesday, 8 June)
• Artur Janc (Wednesday, 8 June)
• Brad Hill (Tuesday, 7 June)
• Mike West (Tuesday, 7 June)
• Artur Janc (Tuesday, 7 June)
• Brad Hill (Tuesday, 7 June)
• Mike West (Tuesday, 7 June)

Last message date: Thursday, 30 June 2016 23:16:49 UTC