Tuesday, 30 April 2013
- Re: ACTION-115: Proposal for handling srcdoc
- Re: ACTION-115: Proposal for handling srcdoc
- Re: CSP and innerHTML
- RE: CSP and innerHTML
- Re: CSP and innerHTML
- RE: CSP and innerHTML
- RE: CSP and innerHTML
- CSP and innerHTML
- Re: ACTION-115: Proposal for handling srcdoc
- ACTION-115: Proposal for handling srcdoc
- ACTION-120: Proposal for handling custom elements
- ACTION-129: plugin-types inherits into plugin documents
- Re: [webappsec] Call for Consensus: CSP 1.1 to FPWD
- RE: [webappsec] Call for Consensus: CSP 1.1 to FPWD
- Re: [webappsec] Call for Consensus: CSP 1.1 to FPWD
Monday, 29 April 2013
Sunday, 28 April 2013
Saturday, 27 April 2013
- Re: Trimming the SecurityPolicy DOM interface
- Re: Trimming the SecurityPolicy DOM interface
- Re: Trimming the SecurityPolicy DOM interface
- Re: Trimming the SecurityPolicy DOM interface
- Re: CSP within frame constructed with "data:" URI?
- Re: Trimming the SecurityPolicy DOM interface
- Re: webappsec-ISSUE-51: How to handle externally defined <element> with <link rel=import>
- script-src 'self' https://example.com 'nonce-nc34908WECd8f3'
- Trimming the SecurityPolicy DOM interface
- Re: webappsec-ISSUE-51: How to handle externally defined <element> with <link rel=import>
- Minor edits to CSP 1.1
- Re: webappsec-ISSUE-51: How to handle externally defined <element> with <link rel=import>
- Re: webappsec-ISSUE-51: How to handle externally defined <element> with <link rel=import>
- Re: CSP within frame constructed with "data:" URI?
- Re: webappsec-ISSUE-48 (base uri): injection of a <base> tag to change effective location of relative resources [CSP 1.1]
- CSP within frame constructed with "data:" URI?
Friday, 26 April 2013
- FW: API coordination with TC39 (ECMAscript)
- Regrets (Re: [webappsec] remote participation resources)
- Re: webappsec-ISSUE-48 (base uri): injection of a <base> tag to change effective location of relative resources [CSP 1.1]
- webappsec-ISSUE-53 (UI Security model for composited drawing models): UI Security model for composited drawing models [UI Security]
Thursday, 25 April 2013
- webappsec-ISSUE-52 (unsafe DOM API): unsafe attribute requires every handler to check [UI Security]
- Re: webappsec-ISSUE-51: How to handle externally defined <element> with <link rel=import>
- webappsec-ISSUE-51: How to handle externally defined <element> with <link rel=import>
- webappsec-ISSUE-50: plugin-type directive and media source list for IE CLSID guids [CSP 1.1]
- webappsec-ISSUE-49: add http response code to report? [CSP 1.1]
- webappsec-ISSUE-48 (base uri): injection of a <base> tag to change effective location of relative resources [CSP 1.1]
- webappsec-ISSUE-47: Revisit combinations of header and meta tags [CSP 1.1]
- webappsec-ISSUE-46 (Does nonce make CSP header security-sensitive): Does inclusion of things like nonce make CSP a sensitive header? [CSP 1.1]
- [webappsec] remote participation resources
- Re: CSP and `picture`
Wednesday, 24 April 2013
- Re: [webappsec] CSP 1.0 bug? button type=image and img-src
- Re: [webappsec] CSP 1.0 bug? button type=image and img-src
- Re: [webappsec] CSP 1.0 bug? button type=image and img-src
Tuesday, 23 April 2013
- Re: [webappsec] CSP 1.0 bug? button type=image and img-src
- Re: [webappsec] Friday test jam preparation
- RE: [webappsec] CSP 1.0 bug? button type=image and img-src
- [webappsec] CSP 1.0 bug? button type=image and img-src
- [webappsec] Friday test jam preparation
- RE: [webappsec] Final logistics for F2F April 25-26
- [webappsec] Call today CANCELLED
Monday, 22 April 2013
Sunday, 21 April 2013
Saturday, 20 April 2013
- Re: CSP and `picture`
- Re: CSP 1.0 copy&paste error
- Re: Column numbers in violation reports.
- Column numbers in violation reports.
Friday, 19 April 2013
- [webappsec] Proposed agenda for next week's F2F
- Re: CSP when external script loads another external script?
Thursday, 18 April 2013
Wednesday, 17 April 2013
Tuesday, 16 April 2013
- Re: CORS Allow header in preflight response
- RE: CORS Allow header in preflight response
- Re: CORS Allow header in preflight response
- CORS Allow header in preflight response
Thursday, 11 April 2013
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
Wednesday, 10 April 2013
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
Tuesday, 9 April 2013
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Fwd: [filter-effects][css-masking] Move security model for resources to CSP
- Fwd: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
Monday, 8 April 2013
- [webappsec] Tomorrow's teleconference CANCELLED
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: CSP and `picture`
Sunday, 7 April 2013
Saturday, 6 April 2013
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- CSP and `picture`
Friday, 5 April 2013
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- Re: [filter-effects][css-masking] Move security model for resources to CSP
- [filter-effects][css-masking] Move security model for resources to CSP
Thursday, 4 April 2013
- [webappsec] Please register for April F2F
- RE: Moving our tests to GitHub (same as WebApps)
- Moving our tests to GitHub (same as WebApps)
- Re: [webapppsec] CfC: UI Security to WD
- [webapppsec] CfC: UI Security to WD