public-webappsec@w3.org from December 2011 by thread

CSP and HTML manipulation by Internet Access Providers Hendrik Brummermann (Thursday, 29 December)

• Re: CSP and HTML manipulation by Internet Access Providers Adam Barth (Friday, 30 December)

[webappsec wg] Draft minutes from 12/20/2011 for approval on next call Hill, Brad (Friday, 30 December)

[webappsec WG] Security Considerations for CORS with credentials Hill, Brad (Thursday, 29 December)

[Bug 15312] New: lowercasing requirement for Access-Control-Request-Headers harmful bugzilla@jessica.w3.org (Thursday, 22 December)

Draft meetings from Dec 06 call Hill, Brad (Tuesday, 20 December)

RE: W3C WebAppSec WG F2F meeting Hill, Brad (Tuesday, 20 December)

CSP versus Content-Type on scripts and stylesheets Michal Zalewski (Tuesday, 20 December)

RE: W3C WebAppSec WG Meeting (regrets) Hodges, Jeff (Tuesday, 20 December)

Meeting reminder Hill, Brad (Monday, 19 December)

WebAppSec WG call agenda, Dec 20, 2011, 22:00-23:00 UTC Hill, Brad (Monday, 19 December)

CfC: CORS to advance to Last Call Hill, Brad (Monday, 19 December)

• Re: CfC: CORS to advance to Last Call Arthur Barstow (Tuesday, 20 December)

W3C WebAppSec WG Meeting Hill, Brad (Monday, 19 December)

no-external-navigation Michal Zalewski (Friday, 9 December)

• Re: no-external-navigation Adam Barth (Monday, 12 December)

Proposal: CSP "allow-modification" directive Collin Jackson (Thursday, 8 December)

• Re: Proposal: CSP "allow-modification" directive Adam Barth (Thursday, 8 December)
  • Re: Proposal: CSP "allow-modification" directive Thomas Roessler (Friday, 9 December)
    • Re: Proposal: CSP "allow-modification" directive Adam Barth (Friday, 9 December)

ISSUE-4: Policy combination Adam Barth (Thursday, 8 December)

• RE: ISSUE-4: Policy combination Jacob Rossi (Thursday, 8 December)
• Re: ISSUE-4: Policy combination Giorgio Maone (Thursday, 8 December)
  • Re: ISSUE-4: Policy combination Eric Rescorla (Thursday, 8 December)
    • Re: ISSUE-4: Policy combination Giorgio Maone (Thursday, 8 December)
      • Re: ISSUE-4: Policy combination Adam Barth (Thursday, 8 December)
        • Re: ISSUE-4: Policy combination Brandon Sterne (Thursday, 8 December)
          • Re: ISSUE-4: Policy combination Adam Barth (Friday, 9 December)
            • RE: ISSUE-4: Policy combination Hill, Brad (Friday, 9 December)
            • Re: ISSUE-4: Policy combination Adam Barth (Friday, 9 December)
            • RE: ISSUE-4: Policy combination Hill, Brad (Friday, 9 December)
            • Re: ISSUE-4: Policy combination Brandon Sterne (Saturday, 10 December)
            • Re: ISSUE-4: Policy combination Adam Barth (Saturday, 10 December)
            • RE: ISSUE-4: Policy combination Jacob Rossi (Sunday, 11 December)

<object>, text/html, and object-src/frame-src Adam Barth (Tuesday, 6 December)

Minutes from two weeks ago Eric Rescorla (Tuesday, 6 December)

Sandbox directive Adam Barth (Monday, 5 December)

Testing CORS Arthur Barstow (Monday, 5 December)

Agenda for WebAppSec Call: Tuesday December 6 Eric Rescorla (Monday, 5 December)

Call for Exclusions: Content Security Policy Ian Jacobs (Thursday, 1 December)

Last message date: Friday, 30 December 2011 08:15:54 UTC