- From: Notifier <notifier@aries.w3.org>
- Date: Tue, 09 Jun 2015 15:10:27 +0000
- To: public-review-announce@w3.org
- Message-Id: <E1Z2LAZ-0000zl-Nv@aries.w3.org>
Entry Point Regulation http://www.w3.org/TR/2015/WD-epr-20150609/ Abstract Entry Point Regulation aims to mitigate the risk of reflected cross-site scripting (XSS), cross-site script inclusion (XSSI), and cross-site request forgery (CSRF) attacks by demarcating the areas of an application which are intended to be externally referencable. A specified policy is applied on external requests for all non-demarcated resources. Status of the Document This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at http://www.w3.org/TR/. This document is a First Public Working Draft. Publication as a First Public Working Draft does not imply endorsement by the W3C Membership. This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress. Changes to this document may be tracked at https://github.com/w3c/webappsec. The (archived) public mailing list public-webappsec@w3.org (see instructions) is preferred for discussion of this specification. When sending e-mail, please put the text “EPR” in the subject, preferably like this: “[EPR] …summary of comment…” This document was produced by the Web Application Security Working Group. This document was produced by a group operating under the 5 February 2004 W3C Patent Policy. W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy. This document is governed by the 1 August 2014 W3C Process Document.
Received on Tuesday, 9 June 2015 15:10:29 UTC