- From: Simone Onofri via GitHub <noreply@w3.org>
- Date: Tue, 17 Feb 2026 18:27:50 +0000
- To: public-security@w3.org
simoneonofri has just created a new issue for https://github.com/w3c/securityig: == Agenda: 2026-03-13 == placeholder for the agenda, feel free to add topics here **Post-Injection XSS Mitigation — Tab-Isolated Token Protocol (TITP)** Harsh Singhal (Amazon) to present his proposal for a post-injection XSS mitigation mechanism called the Tab-Isolated Token Protocol (TITP). The proposal introduces a new `TabOnly` cookie attribute and a cryptographic token pairing system for backend request validation after XSS injection. Goal is to collect feedback from the SING . Explainer: https://github.com/Harsh0/xss-mitigation-explainer Please view or discuss this issue at https://github.com/w3c/securityig/issues/42 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Tuesday, 17 February 2026 18:27:51 UTC