public-webappsec@w3.org from July 2012 by date

Tuesday, 31 July 2012

[webappsec] adding data to CSP reports with DOM API Hill, Brad

Monday, 30 July 2012

RE: [webappsec] Call tomorrow CANCELLED - join WebSec @ IETF 84, 9:00-10:20 PST Hill, Brad
[webappsec] Call tomorrow CANCELLED - join WebSec @ IETF 84, 9:00-10:20 PST Hill, Brad

Friday, 27 July 2012

Re: CSP 1.1: Behavior when presented with an invalid plugin-types directive? Mike West

Monday, 23 July 2012

Re: CSP 1.1: Behavior when presented with an invalid plugin-types directive? Devdatta Akhawe
Re: CSP 1.1: Behavior when presented with an invalid plugin-types directive? Adam Barth
Re: CSP 1.1: Behavior when presented with an invalid plugin-types directive? Daniel Veditz
Re: CSP 1.1: Behavior when presented with an invalid plugin-types directive? Devdatta Akhawe
Re: CSP 1.1: Behavior when presented with an invalid plugin-types directive? Adam Barth
Re: CSP 1.1: Behavior when presented with an invalid plugin-types directive? Odin Hørthe Omdal
CSP 1.1: Behavior when presented with an invalid plugin-types directive? Mike West

Saturday, 21 July 2012

Re: Why the restriction on unauthenticated GET in CORS? Henry Story
Re: Why the restriction on unauthenticated GET in CORS? Eric Rescorla
Re: Why the restriction on unauthenticated GET in CORS? Henry Story
Re: Why the restriction on unauthenticated GET in CORS? Jonas Sicking

Friday, 20 July 2012

Re: Why the restriction on unauthenticated GET in CORS? Ian Hickson
Re: Why the restriction on unauthenticated GET in CORS? Henry Story
Re: Why the restriction on unauthenticated GET in CORS? Tab Atkins Jr.
Re: Why the restriction on unauthenticated GET in CORS? Henry Story
Re: Why the restriction on unauthenticated GET in CORS? Adam Barth
Re: Why the restriction on unauthenticated GET in CORS? Cameron Jones
Re: Why the restriction on unauthenticated GET in CORS? Adam Barth
Re: Why the restriction on unauthenticated GET in CORS? Cameron Jones
Re: Why the restriction on unauthenticated GET in CORS? Adam Barth

Thursday, 19 July 2012

Re: script and data uri Adam Barth
Re: script and data uri John J Barton
script and data uri David Bruant
Re: Secure dynamic JS compilation under CSP David Bruant
Re: Secure dynamic JS compilation under CSP Adam Barth
Re: Secure dynamic JS compilation under CSP John J Barton
Re: Secure dynamic JS compilation under CSP Adam Barth
Re: Secure dynamic JS compilation under CSP Tanvi Vyas
Re: Secure dynamic JS compilation under CSP John J Barton
Re: Secure dynamic JS compilation under CSP Eric Chen
Re: Secure dynamic JS compilation under CSP Adam Barth
Secure dynamic JS compilation under CSP John J Barton
Re: Why the restriction on unauthenticated GET in CORS? Cameron Jones
Re: Why the restriction on unauthenticated GET in CORS? Cameron Jones
Re: Why the restriction on unauthenticated GET in CORS? Anne van Kesteren
Re: Why the restriction on unauthenticated GET in CORS? Cameron Jones
Re: Why the restriction on unauthenticated GET in CORS? Eric Rescorla
Re: Why the restriction on unauthenticated GET in CORS? Anne van Kesteren
Re: Why the restriction on unauthenticated GET in CORS? Cameron Jones
Re: Why the restriction on unauthenticated GET in CORS? Henry Story
Re: Why the restriction on unauthenticated GET in CORS? Cameron Jones
Re: CSP 1.1: `script-nonce` and script interface edits. Eric Chen
Re: CSP 1.1: `script-nonce` and script interface edits. Mike West
Re: CSP 1.1: `script-nonce` and script interface edits. Eric Chen
CSP 1.1: `script-nonce` and script interface edits. Mike West

Wednesday, 18 July 2012

Re: Why the restriction on unauthenticated GET in CORS? Henry Story
Re: Why the restriction on unauthenticated GET in CORS? Ian Hickson
Why the restriction on unauthenticated GET in CORS? Henry Story

Tuesday, 17 July 2012

Re: CORS proxy - was: CORS security hole? Eric Rescorla
Re: CORS proxy - was: CORS security hole? Henry Story
Regarding Action 67 Tanvi Vyas
Re: CORS proxy - was: CORS security hole? Eric Rescorla
CORS proxy - was: CORS security hole? Henry Story
Re: CORS security hole? Dirk Pranke
[webappsec] Agenda for Telecon 17 Jul 2012 Hill, Brad
Re: CORS security hole? Henry Story
Re: CORS security hole? Adam Barth
Re: CORS security hole? Henry Story

Monday, 16 July 2012

Re: CORS security hole? Adam Barth
CORS security hole? Henry Story
[webappsec] TPAC registration and joint meetings Hill, Brad

Tuesday, 10 July 2012

Call for Exclusions: Content Security Policy Ian Jacobs
RE: [websec] Coordinating Frame-Options and CSP UI Safety directives Hill, Brad

Monday, 9 July 2012

Re: [websec] Coordinating Frame-Options and CSP UI Safety directives Tobias Gondrom
Re: [websec] Coordinating Frame-Options and CSP UI Safety directives Tobias Gondrom
Coordinating Frame-Options and CSP UI Safety directives Hill, Brad

Thursday, 5 July 2012

Wednesday, 4 July 2012

Re: webappsec-ISSUE-15 (SRCDOC, BLOB, ETC): How to handle srcdoc, blob:, di: and ways of directly creating content Odin Hørthe Omdal
Re: CSP 1.1: More granular source list definitions. Odin Hørthe Omdal
Re: some further Comments on Content Security Policy 1.0 Editor's Draft Adam Barth

Tuesday, 3 July 2012

Re: some further Comments on Content Security Policy 1.0 Editor's Draft =JeffH
webappsec-ISSUE-15 (SRCDOC, BLOB, ETC): How to handle srcdoc, blob:, di: and ways of directly creating content Web Application Security Working Group Issue Tracker
Re: some further Comments on Content Security Policy 1.0 Editor's Draft Adam Barth
Re: some further Comments on Content Security Policy 1.0 Editor's Draft =JeffH
Re: CSP 1.1: More granular source list definitions. Mike West
[webappsec] Telecon agenda for WebAppSec WG call of July 3 Hill, Brad
FW: TPAC 2012 Registration Hill, Brad

Monday, 2 July 2012

Re: CSP 1.1: More granular source list definitions. Tom Ritter
Re: CSP 1.1: More granular source list definitions. Odin Hørthe Omdal

Last message date: Tuesday, 31 July 2012 21:44:59 UTC