public-webappsec@w3.org from February 2012 by thread

Draft minutes for 2012-02-14 Call Eric Rescorla (Tuesday, 28 February)

[webappsec] Agenda for February 28 Conference Call Hill, Brad (Tuesday, 28 February)

Removing the same(ish) origin restriction on report-uri Adam Barth (Tuesday, 28 February)

• Re: Removing the same(ish) origin restriction on report-uri Ware, Ryan R (Tuesday, 28 February)
  • Re: Removing the same(ish) origin restriction on report-uri Adam Barth (Tuesday, 28 February)
    • Re: Removing the same(ish) origin restriction on report-uri Ware, Ryan R (Wednesday, 29 February)
• Re: Removing the same(ish) origin restriction on report-uri Adam Barth (Wednesday, 29 February)

[webappsec] call for tomorrow is on Hill, Brad (Tuesday, 28 February)

[webappsec] April F2F possibilities Hill, Brad (Monday, 27 February)

• Re: [webappsec] April F2F possibilities Adam Barth (Monday, 27 February)
• Re: [webappsec] April F2F possibilities Ware, Ryan R (Tuesday, 28 February)
• RE: [webappsec] April F2F possibilities Hodges, Jeff (Tuesday, 28 February)

[webappsec] 2/28 call Hill, Brad (Friday, 24 February)

• Re: [webappsec] 2/28 call Adam Barth (Friday, 24 February)
  • RE: [webappsec] 2/28 call Jacob Rossi (Friday, 24 February)
• Re: [webappsec] 2/28 call Giorgio Maone (Friday, 24 February)
  • Re: [webappsec] 2/28 call Eric Rescorla (Friday, 24 February)
• Re: [webappsec] 2/28 call Ware, Ryan R (Saturday, 25 February)
• RE: [webappsec] 2/28 call Hodges, Jeff (Monday, 27 February)
• Re: [webappsec] 2/28 call Daniel Veditz (Tuesday, 28 February)

Re: [webappsec] straw man anti-clickjacking proposal David Lin-Shung Huang (Thursday, 23 February)

• Re: [webappsec] straw man anti-clickjacking proposal Giorgio Maone (Tuesday, 28 February)
  • Re: [webappsec] straw man anti-clickjacking proposal David Lin-Shung Huang (Tuesday, 28 February)
    • Re: [webappsec] straw man anti-clickjacking proposal Giorgio Maone (Tuesday, 28 February)

ISSUE-7: Should the policy-uri directive be in CSP 1.0? Adam Barth (Wednesday, 22 February)

webappsec-ISSUE-13 (URI Fragments in 1.1): Optionally include URI fragments in violation reports for v1.1 Web Application Security Working Group Issue Tracker (Tuesday, 14 February)

Agenda for February14 Conference Call Eric Rescorla (Tuesday, 14 February)

[webappsec] Updated proposal for CORS security considerations Hill, Brad (Monday, 6 February)

• Re: [webappsec] Updated proposal for CORS security considerations Philippe De Ryck (Tuesday, 14 February)
• Re: [webappsec] Updated proposal for CORS security considerations Anne van Kesteren (Tuesday, 14 February)
  • RE: [webappsec] Updated proposal for CORS security considerations Hill, Brad (Tuesday, 14 February)
    • Re: [webappsec] Updated proposal for CORS security considerations Anne van Kesteren (Wednesday, 15 February)

Re: W3C WebAppSec WG F2F meeting Anne van Kesteren (Sunday, 5 February)

• RE: W3C WebAppSec WG F2F meeting Hill, Brad (Monday, 6 February)
  • RE: W3C WebAppSec WG F2F meeting Jacob Rossi (Monday, 6 February)
    • RE: W3C WebAppSec WG F2F meeting rajesh.lal@nokia.com (Monday, 6 February)

CSP and cross-frame communication David Bruant (Friday, 3 February)

• RE: CSP and cross-frame communication Hill, Brad (Tuesday, 14 February)
  • Re: CSP and cross-frame communication David Bruant (Wednesday, 15 February)
    • RE: CSP and cross-frame communication Jacob Rossi (Wednesday, 15 February)
      • Re: CSP and cross-frame communication David Bruant (Wednesday, 15 February)
        • Re: CSP and cross-frame communication David Bruant (Saturday, 25 February)
          • Re: CSP and cross-frame communication Daniel Veditz (Monday, 27 February)
            • Re: CSP and cross-frame communication David Bruant (Wednesday, 29 February)
            • Re: CSP and cross-frame communication Adam Barth (Wednesday, 29 February)

Re: CSP versus Content-Type on scripts and stylesheets Adam Barth (Thursday, 2 February)

• Re: CSP versus Content-Type on scripts and stylesheets David Lin-Shung Huang (Thursday, 2 February)
• Re: CSP versus Content-Type on scripts and stylesheets Michal Zalewski (Friday, 3 February)
  • Re: CSP versus Content-Type on scripts and stylesheets Adam Barth (Friday, 3 February)

Two questions about violation reports Adam Barth (Thursday, 2 February)

• RE: Two questions about violation reports Hill, Brad (Thursday, 2 February)
  • Re: Two questions about violation reports Adam Barth (Thursday, 2 February)

Removing request-headers from CSP violation reports Adam Barth (Thursday, 2 February)

• RE: Removing request-headers from CSP violation reports Hill, Brad (Thursday, 2 February)
  • Re: Removing request-headers from CSP violation reports Adam Barth (Thursday, 2 February)

Re: First policy policy (Action 34) Adam Barth (Thursday, 2 February)

Rate SVG resources to CSP directive Renata Hodovan (Tuesday, 31 January)

• Rate SVG resources to CSP directive Renata Hodovan (Wednesday, 1 February)
  • Re: Rate SVG resources to CSP directive Adam Barth (Thursday, 2 February)
    • Re: Rate SVG resources to CSP directive Renata Hodovan (Tuesday, 7 February)
      • Re: Rate SVG resources to CSP directive Adam Barth (Tuesday, 7 February)
        • Re: Rate SVG resources to CSP directive Renata Hodovan (Thursday, 9 February)
    • Re: Rate SVG resources to CSP directive Daniel Veditz (Friday, 10 February)

Last message date: Wednesday, 29 February 2012 22:58:55 UTC