public-webappsec@w3.org from April 2013 by date

Tuesday, 30 April 2013

• Re: ACTION-115: Proposal for handling srcdoc Devdatta Akhawe
• Re: ACTION-115: Proposal for handling srcdoc Adam Barth
• Re: CSP and innerHTML Eduardo' Vela
• RE: CSP and innerHTML Hill, Brad
• Re: CSP and innerHTML Eduardo' Vela
• RE: CSP and innerHTML Carson, Cory
• RE: CSP and innerHTML Hill, Brad
• CSP and innerHTML Ian Melven
• Re: ACTION-115: Proposal for handling srcdoc Devdatta Akhawe
• ACTION-115: Proposal for handling srcdoc Adam Barth
• ACTION-120: Proposal for handling custom elements Adam Barth
• ACTION-129: plugin-types inherits into plugin documents Adam Barth
• Re: [webappsec] Call for Consensus: CSP 1.1 to FPWD Adam Barth
• RE: [webappsec] Call for Consensus: CSP 1.1 to FPWD Hill, Brad
• Re: [webappsec] Call for Consensus: CSP 1.1 to FPWD Adam Barth

Monday, 29 April 2013

• Re: Trimming the SecurityPolicy DOM interface Eduardo' Vela
• Re: Trimming the SecurityPolicy DOM interface Ian Melven

Sunday, 28 April 2013

• RE: webappsec-ISSUE-51: How to handle externally defined <element> with <link rel=import> Hill, Brad

Saturday, 27 April 2013

• Re: Trimming the SecurityPolicy DOM interface Eduardo' Vela
• Re: Trimming the SecurityPolicy DOM interface Eduardo' Vela
• Re: Trimming the SecurityPolicy DOM interface Adam Barth
• Re: Trimming the SecurityPolicy DOM interface Devdatta Akhawe
• Re: CSP within frame constructed with "data:" URI? James Marshall
• Re: Trimming the SecurityPolicy DOM interface Alex Russell
• Re: webappsec-ISSUE-51: How to handle externally defined <element> with <link rel=import> Dimitri Glazkov
• script-src 'self' https://example.com 'nonce-nc34908WECd8f3' Adam Barth
• Trimming the SecurityPolicy DOM interface Adam Barth
• Re: webappsec-ISSUE-51: How to handle externally defined <element> with <link rel=import> Adam Barth
• Minor edits to CSP 1.1 Adam Barth
• Re: webappsec-ISSUE-51: How to handle externally defined <element> with <link rel=import> Dimitri Glazkov
• Re: webappsec-ISSUE-51: How to handle externally defined <element> with <link rel=import> Adam Barth
• Re: CSP within frame constructed with "data:" URI? Adam Barth
• Re: webappsec-ISSUE-48 (base uri): injection of a <base> tag to change effective location of relative resources [CSP 1.1] Adam Barth
• CSP within frame constructed with "data:" URI? James Marshall

Friday, 26 April 2013

• FW: API coordination with TC39 (ECMAscript) Hill, Brad
• Regrets (Re: [webappsec] remote participation resources) Giorgio Maone
• Re: webappsec-ISSUE-48 (base uri): injection of a <base> tag to change effective location of relative resources [CSP 1.1] Anne van Kesteren
• webappsec-ISSUE-53 (UI Security model for composited drawing models): UI Security model for composited drawing models [UI Security] Web Application Security Working Group Issue Tracker

Thursday, 25 April 2013

• webappsec-ISSUE-52 (unsafe DOM API): unsafe attribute requires every handler to check [UI Security] Web Application Security Working Group Issue Tracker
• Re: webappsec-ISSUE-51: How to handle externally defined <element> with <link rel=import> Anne van Kesteren
• webappsec-ISSUE-51: How to handle externally defined <element> with <link rel=import> Web Application Security Working Group Issue Tracker
• webappsec-ISSUE-50: plugin-type directive and media source list for IE CLSID guids [CSP 1.1] Web Application Security Working Group Issue Tracker
• webappsec-ISSUE-49: add http response code to report? [CSP 1.1] Web Application Security Working Group Issue Tracker
• webappsec-ISSUE-48 (base uri): injection of a <base> tag to change effective location of relative resources [CSP 1.1] Web Application Security Working Group Issue Tracker
• webappsec-ISSUE-47: Revisit combinations of header and meta tags [CSP 1.1] Web Application Security Working Group Issue Tracker
• webappsec-ISSUE-46 (Does nonce make CSP header security-sensitive): Does inclusion of things like nonce make CSP a sensitive header? [CSP 1.1] Web Application Security Working Group Issue Tracker
• [webappsec] remote participation resources Hill, Brad
• Re: CSP and `picture` Daniel Veditz

Wednesday, 24 April 2013

• Re: [webappsec] CSP 1.0 bug? button type=image and img-src Adam Barth
• Re: [webappsec] CSP 1.0 bug? button type=image and img-src Yoav Weiss
• Re: [webappsec] CSP 1.0 bug? button type=image and img-src Anne van Kesteren

Tuesday, 23 April 2013

• Re: [webappsec] CSP 1.0 bug? button type=image and img-src Adam Barth
• Re: [webappsec] Friday test jam preparation Erlend Oftedal
• RE: [webappsec] CSP 1.0 bug? button type=image and img-src Hill, Brad
• [webappsec] CSP 1.0 bug? button type=image and img-src Hill, Brad
• [webappsec] Friday test jam preparation Hill, Brad
• RE: [webappsec] Final logistics for F2F April 25-26 Hill, Brad
• [webappsec] Call today CANCELLED Hill, Brad

Monday, 22 April 2013

• [webappsec] Final logistics for F2F April 25-26 Hill, Brad
• Re: CORS Allow header in preflight response Anne van Kesteren

Sunday, 21 April 2013

• Re: Column numbers in violation reports. Eduardo' Vela

Saturday, 20 April 2013

• Re: CSP and `picture` Adam Barth
• Re: CSP 1.0 copy&paste error Adam Barth
• Re: Column numbers in violation reports. Adam Barth
• Column numbers in violation reports. Mike West

Friday, 19 April 2013

• [webappsec] Proposed agenda for next week's F2F Hill, Brad
• Re: CSP when external script loads another external script? Anne van Kesteren

Thursday, 18 April 2013

• CSP when external script loads another external script? James Marshall

Wednesday, 17 April 2013

• RE: CSP, Remote-Only Mode, and Browser Extensions Hill, Brad
• CSP, Remote-Only Mode, and Browser Extensions Tom Ritter

Tuesday, 16 April 2013

• Re: CORS Allow header in preflight response Bjoern Hoehrmann
• RE: CORS Allow header in preflight response Pellerin, Clement
• Re: CORS Allow header in preflight response Anne van Kesteren
• CORS Allow header in preflight response Pellerin, Clement

Thursday, 11 April 2013

• Re: [filter-effects][css-masking] Move security model for resources to CSP Dirk Schulze
• Re: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren

Wednesday, 10 April 2013

• Re: [filter-effects][css-masking] Move security model for resources to CSP Dirk Schulze
• Re: [filter-effects][css-masking] Move security model for resources to CSP Robert O'Callahan
• Re: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren
• Re: [filter-effects][css-masking] Move security model for resources to CSP Robert O'Callahan

Tuesday, 9 April 2013

• Re: [filter-effects][css-masking] Move security model for resources to CSP Daniel Holbert
• Re: [filter-effects][css-masking] Move security model for resources to CSP Dirk Schulze
• Re: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren
• Re: [filter-effects][css-masking] Move security model for resources to CSP Dirk Schulze
• Re: [filter-effects][css-masking] Move security model for resources to CSP Robert O'Callahan
• Fwd: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren
• Fwd: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren
• Re: [filter-effects][css-masking] Move security model for resources to CSP Robert O'Callahan
• Re: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren
• Re: [filter-effects][css-masking] Move security model for resources to CSP Robert O'Callahan
• Re: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren
• Re: [filter-effects][css-masking] Move security model for resources to CSP Bjoern Hoehrmann

Monday, 8 April 2013

• [webappsec] Tomorrow's teleconference CANCELLED Hill, Brad
• Re: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren
• Re: [filter-effects][css-masking] Move security model for resources to CSP Dirk Schulze
• Re: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren
• Re: [filter-effects][css-masking] Move security model for resources to CSP Dirk Schulze
• Re: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren
• Re: [filter-effects][css-masking] Move security model for resources to CSP Dirk Schulze
• Re: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren
• Re: CSP and `picture` Frederik Braun

Sunday, 7 April 2013

• [Bug 21608] New: 7.2 "Resource Sharing Check" does not specify how to handle a space separated list in Access-Control-Allow-Origin bugzilla@jessica.w3.org

Saturday, 6 April 2013

• Re: [filter-effects][css-masking] Move security model for resources to CSP Bjoern Hoehrmann
• Re: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren
• Re: [filter-effects][css-masking] Move security model for resources to CSP Dirk Schulze
• Re: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren
• CSP and `picture` Yoav Weiss

Friday, 5 April 2013

• Re: [filter-effects][css-masking] Move security model for resources to CSP Dirk Schulze
• Re: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren
• Re: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren
• Re: [filter-effects][css-masking] Move security model for resources to CSP Dirk Schulze
• Re: [filter-effects][css-masking] Move security model for resources to CSP Mike West
• Re: [filter-effects][css-masking] Move security model for resources to CSP Anne van Kesteren
• [filter-effects][css-masking] Move security model for resources to CSP Dirk Schulze

Thursday, 4 April 2013

• [webappsec] Please register for April F2F Hill, Brad
• RE: Moving our tests to GitHub (same as WebApps) Hill, Brad
• Moving our tests to GitHub (same as WebApps) Odin Hørthe Omdal
• Re: [webapppsec] CfC: UI Security to WD Mike West
• [webapppsec] CfC: UI Security to WD Hill, Brad

Wednesday, 3 April 2013

• Please register this week for April 25-26 F2F Wendy Seltzer

Last message date: Tuesday, 30 April 2013 21:01:51 UTC