public-webappsec@w3.org from February 2012 by author

Adam Barth

• Re: Removing the same(ish) origin restriction on report-uri (Wednesday, 29 February)
• Re: CSP and cross-frame communication (Wednesday, 29 February)
• Re: Removing the same(ish) origin restriction on report-uri (Tuesday, 28 February)
• Removing the same(ish) origin restriction on report-uri (Tuesday, 28 February)
• Re: [webappsec] April F2F possibilities (Monday, 27 February)
• Re: [webappsec] 2/28 call (Friday, 24 February)
• ISSUE-7: Should the policy-uri directive be in CSP 1.0? (Wednesday, 22 February)
• Re: Rate SVG resources to CSP directive (Tuesday, 7 February)
• Re: CSP versus Content-Type on scripts and stylesheets (Friday, 3 February)
• Re: Two questions about violation reports (Thursday, 2 February)
• Re: Removing request-headers from CSP violation reports (Thursday, 2 February)
• Re: CSP versus Content-Type on scripts and stylesheets (Thursday, 2 February)
• Re: Rate SVG resources to CSP directive (Thursday, 2 February)
• Two questions about violation reports (Thursday, 2 February)
• Removing request-headers from CSP violation reports (Thursday, 2 February)
• Re: First policy policy (Action 34) (Thursday, 2 February)

Anne van Kesteren

• Re: [webappsec] Updated proposal for CORS security considerations (Wednesday, 15 February)
• Re: [webappsec] Updated proposal for CORS security considerations (Tuesday, 14 February)
• Re: W3C WebAppSec WG F2F meeting (Sunday, 5 February)

Daniel Veditz

• Re: [webappsec] 2/28 call (Tuesday, 28 February)
• Re: CSP and cross-frame communication (Monday, 27 February)
• Re: Rate SVG resources to CSP directive (Friday, 10 February)

David Bruant

• Re: CSP and cross-frame communication (Wednesday, 29 February)
• Re: CSP and cross-frame communication (Saturday, 25 February)
• Re: CSP and cross-frame communication (Wednesday, 15 February)
• Re: CSP and cross-frame communication (Wednesday, 15 February)
• CSP and cross-frame communication (Friday, 3 February)

David Lin-Shung Huang

• Re: [webappsec] straw man anti-clickjacking proposal (Tuesday, 28 February)
• Re: [webappsec] straw man anti-clickjacking proposal (Thursday, 23 February)
• Re: CSP versus Content-Type on scripts and stylesheets (Thursday, 2 February)

Eric Rescorla

• Draft minutes for 2012-02-14 Call (Tuesday, 28 February)
• Re: [webappsec] 2/28 call (Friday, 24 February)
• Agenda for February14 Conference Call (Tuesday, 14 February)

Giorgio Maone

• Re: [webappsec] straw man anti-clickjacking proposal (Tuesday, 28 February)
• Re: [webappsec] straw man anti-clickjacking proposal (Tuesday, 28 February)
• Re: [webappsec] 2/28 call (Friday, 24 February)

Hill, Brad

• [webappsec] Agenda for February 28 Conference Call (Tuesday, 28 February)
• [webappsec] call for tomorrow is on (Tuesday, 28 February)
• [webappsec] April F2F possibilities (Monday, 27 February)
• [webappsec] 2/28 call (Friday, 24 February)
• RE: [webappsec] Updated proposal for CORS security considerations (Tuesday, 14 February)
• RE: CSP and cross-frame communication (Tuesday, 14 February)
• [webappsec] Updated proposal for CORS security considerations (Monday, 6 February)
• RE: W3C WebAppSec WG F2F meeting (Monday, 6 February)
• RE: Two questions about violation reports (Thursday, 2 February)
• RE: Removing request-headers from CSP violation reports (Thursday, 2 February)

Hodges, Jeff

• RE: [webappsec] April F2F possibilities (Tuesday, 28 February)
• RE: [webappsec] 2/28 call (Monday, 27 February)

Jacob Rossi

• RE: [webappsec] 2/28 call (Friday, 24 February)
• RE: CSP and cross-frame communication (Wednesday, 15 February)
• RE: W3C WebAppSec WG F2F meeting (Monday, 6 February)

Michal Zalewski

• Re: CSP versus Content-Type on scripts and stylesheets (Friday, 3 February)

Philippe De Ryck

• Re: [webappsec] Updated proposal for CORS security considerations (Tuesday, 14 February)

rajesh.lal@nokia.com

• RE: W3C WebAppSec WG F2F meeting (Monday, 6 February)

Renata Hodovan

• Re: Rate SVG resources to CSP directive (Thursday, 9 February)
• Re: Rate SVG resources to CSP directive (Tuesday, 7 February)
• Rate SVG resources to CSP directive (Wednesday, 1 February)
• Rate SVG resources to CSP directive (Tuesday, 31 January)

Ware, Ryan R

• Re: Removing the same(ish) origin restriction on report-uri (Wednesday, 29 February)
• Re: [webappsec] April F2F possibilities (Tuesday, 28 February)
• Re: Removing the same(ish) origin restriction on report-uri (Tuesday, 28 February)
• Re: [webappsec] 2/28 call (Saturday, 25 February)

Web Application Security Working Group Issue Tracker

• webappsec-ISSUE-13 (URI Fragments in 1.1): Optionally include URI fragments in violation reports for v1.1 (Tuesday, 14 February)

Last message date: Wednesday, 29 February 2012 22:58:55 UTC