- From: John Wilander <wilander@apple.com>
- Date: Mon, 11 Jul 2022 08:00:16 +0200
- To: Ganesh B <ganeshsurfs@gmail.com>
- Cc: public-privacycg@w3.org
- Message-id: <9B96FE8D-B3F0-4941-9FEF-F79A2FDDE4CA@apple.com>
Hi Ganesh! Web application security belongs with the WebAppSec Working Group in W3C, not the Privacy Community Group. Cookie blocking may be a fit for this group but it seems you are thinking of it from a security standpoint which again implies WebAppSec WG. Thanks! Regards, John > On Jul 10, 2022, at 19:21, Ganesh B <ganeshsurfs@gmail.com> wrote: > > Hello, > > Greetings. > > I think many of you have had been busy. A quick check and follow up on the browser security options. > > Anyone for sandboxing and sanity checks using a strict mode option? > > I am sure, this issue can be a great change maker. I see most bounties for hacks have been revolving around SSR, XSS, CSRF, and a couple in the OWASP top 10. > > I am definitely open to widen my view horizon in case anyone finds this as a low lying fruit of improvement. > > Have a nice day ahead. > > Regards, > Ganesh B > > > ---------- Forwarded message ---------- > From: Ganesh B <ganeshsurfs@gmail.com> > Date: Thursday, June 23, 2022 > Subject: Security Sandboxing Browser Features and Domains > To: public-privacycg@w3.org > > > Hello Team, > > Greetings. > > I just created and joined the w3c community here and it seems I may be knowing some of you somehow, directly/indirectly. > > I wanted to propose sharing of work on features and IP Process of Security Sandboxing (Feature/Domains) for the browsers. This focus is to create sandboxing of browsers to target XSS, CSRF, Cross Domain Shared/non-shared Cookie Access Blocking from third party domains. Possibly, ScriptInjection (urls, plus ...) as well. > > I have put a few thoughts here in the twitter post. I am sure most of you are working on something similar. > > Have a nice day ahead. > > Regards, > Ganesh B > >
Received on Monday, 11 July 2022 06:00:34 UTC