public-webappsec@w3.org from September 2012 by date

Saturday, 29 September 2012

• Re: CORS test status Boris Zbarsky

Thursday, 27 September 2012

• Re: unsafe-inline for style-src Bjoern Hoehrmann

Tuesday, 25 September 2012

• Re: CORS test status Odin Hørthe Omdal
• Re: CSP 1.1: Paths in source list definitions. Tanvi Vyas
• Regrets 9/25 Jacob Rossi
• Re: CORS test status Boris Zbarsky
• Re: CORS test status Toni Ruottu
• Re: CORS test status Boris Zbarsky
• Re: CORS test status Toni Ruottu
• Re: CORS test status Boris Zbarsky
• CORS test status gopal.raghavan@nokia.com
• RE: test Hill, Brad
• RE: test Kris Krueger
• RE: Agenda for September 25 Call Hill, Brad
• CfC: FPWD of UI Safety Directives for CSP Hill, Brad
• test Hodges, Jeff
• Re: [CSP] Extensions and user script? (Some feedback) Mike West
• Re: [CSP] Extensions and user script? (Some feedback) Odin Hørthe Omdal
• Re: CSP 1.1: Paths in source list definitions. Mike West
• Regrets for today's call. Brad Hill
• Re: CSP 1.1: Paths in source list definitions. Odin Hørthe Omdal
• Agenda for September 25 Call Eric Rescorla

Sunday, 23 September 2012

• Re: CSP connect-src and browser plugins Dan Veditz
• Re: CSP connect-src and browser plugins Adam Barth
• CSP connect-src and browser plugins Erlend Oftedal
• Re: CSP 1.1: Paths in source list definitions. Mike West

Thursday, 20 September 2012

• Re: unsafe-inline for style-src Adam Barth
• Re: unsafe-inline for style-src Giorgio Maone
• RE: unsafe-inline for style-src Hill, Brad
• Re: unsafe-inline for style-src Boris Zbarsky
• Re: unsafe-inline for style-src Adam Barth
• Re: unsafe-inline for style-src Boris Zbarsky
• Re: unsafe-inline for style-src Mike West
• Re: unsafe-inline for style-src Boris Zbarsky
• Re: unsafe-inline for style-src Adam Barth
• Re: unsafe-inline for style-src Boris Zbarsky
• Re: unsafe-inline for style-src Adam Barth
• Re: unsafe-inline for style-src Boris Zbarsky

Wednesday, 19 September 2012

• Re: CSP Sandbox directive and meta tag - CSP 1.1 Adam Barth
• Re: unsafe-inline for style-src Adam Barth
• RE: CSP Sandbox directive and meta tag - CSP 1.1 Erlend Oftedal
• RE: CSP Sandbox directive and meta tag - CSP 1.1 Jacob Rossi
• Re: CSP Sandbox directive and meta tag - CSP 1.1 Devdatta Akhawe
• Re: unsafe-inline for style-src Boris Zbarsky
• RE: CSP Sandbox directive and meta tag - CSP 1.1 Jacob Rossi

Tuesday, 18 September 2012

• Re: unsafe-inline for style-src Mike West
• CSP Sandbox directive and meta tag - CSP 1.1 Tanvi Vyas
• unsafe-inline for style-src Tanvi Vyas

Monday, 17 September 2012

• RE: CSP 1.0: relaxing mandated enforcing and monitoring to avoid Hill, Brad
• Web Crypto WG - Web Crypto API going to FPWD GALINDO Virginie
• Re: CSP 1.0: relaxing mandated enforcing and monitoring to avoid probing and to avoid content being written to depend on CSP. Mike West

Sunday, 16 September 2012

• RE: CSP 1.0: relaxing mandated enforcing and monitoring to avoid Fred Andrews
• RE: CSP 1.0: relaxing mandated enforcing and monitoring to avoid probing and to avoid content being written to depend on CSP. Fred Andrews

Friday, 14 September 2012

• [webappsec] "certificates differ" text in CORS Hill, Brad
• RE: CSP 1.0: relaxing mandated enforcing and monitoring to avoid Hill, Brad
• RE: CSP 1.0: relaxing mandated enforcing and monitoring to avoid Erlend Oftedal
• RE: CSP 1.0: relaxing mandated enforcing and monitoring to avoid Fred Andrews
• Re: CSP 1.0 browser compliance testing Mike West
• Re: CSP 1.0: relaxing mandated enforcing and monitoring to avoid probing and to avoid content being written to depend on CSP. Mike West
• RE: CSP 1.0: relaxing mandated enforcing and monitoring to avoid Erlend Oftedal
• RE: CSP 1.0: relaxing mandated enforcing and monitoring to avoid probing and to avoid content being written to depend on CSP. Fred Andrews

Thursday, 13 September 2012

• RE: CSP 1.0 browser compliance testing Erlend Oftedal
• Re: CSP 1.0: relaxing mandated enforcing and monitoring to avoid probing and to avoid content being written to depend on CSP. Adam Barth
• CSP 1.0: relaxing mandated enforcing and monitoring to avoid probing and to avoid content being written to depend on CSP. Fred Andrews
• Re: ISSUE-6 comments addressed Adam Barth
• Re: ISSUE-6 comments addressed Mike West
• Re: some further Comments on Content Security Policy 1.0 Editor's Draft Adam Barth
• ISSUE-6 comments addressed Adam Barth

Wednesday, 12 September 2012

• RE: New clickjacking research published Hill, Brad
• Re: UI Safety - input protection obstruction check challenges Giorgio Maone
• UI Safety - input protection obstruction check challenges Fred Andrews

Tuesday, 11 September 2012

• Re: some further Comments on Content Security Policy 1.0 Editor's Draft =JeffH
• [webappsec] Agenda for today's WebAppSec WG call Hill, Brad
• RE: New clickjacking research published Fred Andrews

Monday, 10 September 2012

• RE: script-tag with html template-content Erlend Oftedal
• RE: script-tag with html template-content Erlend Oftedal

Tuesday, 11 September 2012

• RE: New clickjacking research published Fred Andrews
• webappsec-ISSUE-19 (Interaction of CSP and IRIs): How are non-ASCII characters handled in CSP Web Application Security Working Group Issue Tracker
• webappsec-ISSUE-18 (CSP as risk assessment score): Use CSP to report app risk and compatibility with user specified restrictions Web Application Security Working Group Issue Tracker
• webappsec-ISSUE-17 (Extension compat): CSP should take into account extensions which modify content Web Application Security Working Group Issue Tracker
• webappsec-ISSUE-16 (CSP informs client, cannot restrict it): Editorial: CSP cannot dictate client behavior, only inform it Web Application Security Working Group Issue Tracker
• RE: [webappsec] Major update to UI Safety Jacob Rossi
• Re: New clickjacking research published David Lin-Shung Huang
• RE: New clickjacking research published Hill, Brad
• RE: [webappsec] Major update to UI Safety Hill, Brad
• Re: New clickjacking research published Fred Andrews
• [webappsec] Major update to UI Safety Hill, Brad

Monday, 10 September 2012

• Re: script-tag with html template-content Adam Barth
• script-tag with html template-content Oscar Finnsson
• Feedback on the Content Security Policy 1.0 Fred Andrews
• Re: CSP 1.0 browser compliance testing Odin Hørthe Omdal

Friday, 7 September 2012

• CSP 1.0 browser compliance testing Erlend Oftedal
• Re: Interaction of CSP and IRIs Boris Zbarsky
• Re: Interaction of CSP and IRIs Adam Barth
• Re: Interaction of CSP and IRIs Boris Zbarsky
• Re: [webappsec] Call for Consensus: Content Security Policy 1.0 to Candidate Recommendation Tanvi Vyas

Thursday, 6 September 2012

• Re: Interaction of CSP and IRIs Adam Barth
• Interaction of CSP and IRIs Boris Zbarsky
• Re: Call for Consensus: Content Security Policy 1.0 to Candidate Recommendation Adam Barth

Tuesday, 4 September 2012

• [webappsec] Call for Consensus: Content Security Policy 1.0 to Candidate Recommendation Hill, Brad

Monday, 3 September 2012

• Re: some further Comments on Content Security Policy 1.0 Editor's Draft Adam Barth
• CSP 1.1: Paths in source list definitions. Mike West
• Re: some further Comments on Content Security Policy 1.0 Editor's Draft Mike West

Last message date: Saturday, 29 September 2012 04:06:06 UTC