public-webappsec@w3.org from August 2013 by date

Friday, 30 August 2013

• Re: [webappsec] CSP: are blob uri's really just origin='self'? Ian Melven
• Re: [webappsec] CSP: are blob uri's really just origin='self'? Kyle Huey
• Re: [webappsec] CSP: are blob uri's really just origin='self'? Ian Melven
• Re: [webappsec] CSP: are blob uri's really just origin='self'? Ian Melven
• Re: [webappsec] CSP: are blob uri's really just origin='self'? Brad Hill
• Re: [webappsec] CSP: are blob uri's really just origin='self'? Brad Hill
• [webappsec] CSP: are blob uri's really just origin='self'? Brad Hill
• Re: Sub-origins Daniel Veditz

Thursday, 29 August 2013

• CORS to PR Brad Hill
• Re: Sub-origins Brad Hill
• Re: Sub-origins Michal Zalewski
• Re: Sub-origins Joel Weinberger
• Re: Sub-origins Brad Hill
• Re: Sub-origins Michal Zalewski
• Re: Sub-origins Joel Weinberger

Tuesday, 27 August 2013

• Re: Proposed CSRF countermeasure Michael Shema
• Re: Proposed CSRF countermeasure Brad Hill
• Re: Proposed CSRF countermeasure Michael Shema
• Agenda for 8/27/13 Conference Call Eric Rescorla
• Re: CSP 1.1 and image loading elements/attributes Anne van Kesteren

Monday, 26 August 2013

• Re: Sub-origins Brad Hill
• Re: Sub-origins Devdatta Akhawe
• Re: Sub-origins Brad Hill
• Re: Sub-origins Devdatta Akhawe
• Re: Sub-origins Brad Hill
• CSP 1.1 and image loading elements/attributes Yoav Weiss
• Re: Proposed CSRF countermeasure Brad Hill

Thursday, 22 August 2013

• Re: [CORS] Understanding the definition of simple headers Monsur Hossain

Wednesday, 21 August 2013

• Re: [CORS] Understanding the definition of simple headers Brad Hill
• Re: [CORS] Understanding the definition of simple headers Anne van Kesteren
• [CORS] Understanding the definition of simple headers Monsur Hossain

Tuesday, 20 August 2013

• Re: Proposed CSRF countermeasure Michael Shema
• Re: Proposed CSRF countermeasure John Wilander

Monday, 19 August 2013

• Re: Proposed CSRF countermeasure Michael Shema
• Re: Proposed CSRF countermeasure Michael Shema

Sunday, 18 August 2013

• Re: Proposed CSRF countermeasure Alex Russell
• Re: Proposed CSRF countermeasure Michal Zalewski

Thursday, 15 August 2013

• Proposed CSRF countermeasure Mike Shema

Friday, 16 August 2013

• Fwd: [webappsec + webapps] CORS to PR plans Brad Hill
• Re: [webappsec + webapps] CORS to PR plans Brad Hill
• Re: Audio & security Yoav Weiss

Tuesday, 13 August 2013

• Re: Audio & security Boris Smus

Monday, 12 August 2013

• [webappsec] Proposed Agenda for 13-Aug-2013 WebAppSec WG Teleconference Brad Hill
• ACTION-147 RFC script-hash proposal v2 Neil Matatall
• Re: [webappsec + webapps] CORS to PR plans Brad Hill
• Re: [webappsec + webapps] CORS to PR plans Brad Hill

Friday, 9 August 2013

• Audio & security Yoav Weiss

Wednesday, 7 August 2013

• Re: Supporting base64 in nonce-value Joel Weinberger
• Re: CSP 1.1: Nonce-source and unsafe-inline Garrett Robinson
• Re: Supporting base64 in nonce-value Garrett Robinson
• Re: CSP 1.1: Nonce-source and unsafe-inline Garrett Robinson

Tuesday, 6 August 2013

• Re: [webappsec + webapps] CORS to PR plans Anne van Kesteren
• Re: [webappsec + webapps] CORS to PR plans Arthur Barstow

Monday, 5 August 2013

• Re: [webappsec + webapps] CORS to PR plans Brad Hill
• Re: De-duplicating violation reports? Mike West
• Re: Supporting base64 in nonce-value Mike West
• Re: Sub-origins Mike West

Thursday, 1 August 2013

• Re: De-duplicating violation reports? Pete Freitag

Saturday, 3 August 2013

• Sub-origins Daniel Veditz
• Re: De-duplicating violation reports? Daniel Veditz

Friday, 2 August 2013

• Re: Including the Javascript stack trace in the ContentSecurityPolicy report David Bruant
• Re: Including the Javascript stack trace in the ContentSecurityPolicy report Boris Zbarsky
• Re: Including the Javascript stack trace in the ContentSecurityPolicy report Boris Zbarsky
• Re: Including the Javascript stack trace in the ContentSecurityPolicy report David Bruant
• Re: Including the Javascript stack trace in the ContentSecurityPolicy report Boris Zbarsky
• Re: Including the Javascript stack trace in the ContentSecurityPolicy report David Bruant
• Re: Including the Javascript stack trace in the ContentSecurityPolicy report Henry Wong
• Re: Including the Javascript stack trace in the ContentSecurityPolicy report David Bruant
• Re: Including the Javascript stack trace in the ContentSecurityPolicy report Boris Zbarsky
• Including the Javascript stack trace in the ContentSecurityPolicy report Henry Wong

Thursday, 1 August 2013

• Re: De-duplicating violation reports? Mike West
• Re: De-duplicating violation reports? Devdatta Akhawe
• RE: De-duplicating violation reports? Neil Matatall
• RE: De-duplicating violation reports? Hill, Brad
• De-duplicating violation reports? Mike West

Last message date: Friday, 30 August 2013 22:11:23 UTC