from December 2011 by thread

CSP and HTML manipulation by Internet Access Providers Hendrik Brummermann (Thursday, 29 December)

[webappsec wg] Draft minutes from 12/20/2011 for approval on next call Hill, Brad (Friday, 30 December)

[webappsec WG] Security Considerations for CORS with credentials Hill, Brad (Thursday, 29 December)

[Bug 15312] New: lowercasing requirement for Access-Control-Request-Headers harmful (Thursday, 22 December)

Draft meetings from Dec 06 call Hill, Brad (Tuesday, 20 December)

RE: W3C WebAppSec WG F2F meeting Hill, Brad (Tuesday, 20 December)

CSP versus Content-Type on scripts and stylesheets Michal Zalewski (Tuesday, 20 December)

RE: W3C WebAppSec WG Meeting (regrets) Hodges, Jeff (Tuesday, 20 December)

Meeting reminder Hill, Brad (Monday, 19 December)

WebAppSec WG call agenda, Dec 20, 2011, 22:00-23:00 UTC Hill, Brad (Monday, 19 December)

CfC: CORS to advance to Last Call Hill, Brad (Monday, 19 December)

W3C WebAppSec WG Meeting Hill, Brad (Monday, 19 December)

no-external-navigation Michal Zalewski (Friday, 9 December)

Proposal: CSP "allow-modification" directive Collin Jackson (Thursday, 8 December)

ISSUE-4: Policy combination Adam Barth (Thursday, 8 December)

<object>, text/html, and object-src/frame-src Adam Barth (Tuesday, 6 December)

Minutes from two weeks ago Eric Rescorla (Tuesday, 6 December)

Sandbox directive Adam Barth (Monday, 5 December)

Testing CORS Arthur Barstow (Monday, 5 December)

Agenda for WebAppSec Call: Tuesday December 6 Eric Rescorla (Monday, 5 December)

Call for Exclusions: Content Security Policy Ian Jacobs (Thursday, 1 December)

Last message date: Friday, 30 December 2011 08:15:54 UTC