from August 2013 by thread

[webappsec] CSP: are blob uri's really just origin='self'? Brad Hill (Friday, 30 August)

CORS to PR Brad Hill (Thursday, 29 August)

Agenda for 8/27/13 Conference Call Eric Rescorla (Tuesday, 27 August)

CSP 1.1 and image loading elements/attributes Yoav Weiss (Monday, 26 August)

[CORS] Understanding the definition of simple headers Monsur Hossain (Wednesday, 21 August)

Proposed CSRF countermeasure Mike Shema (Thursday, 15 August)

[webappsec] Proposed Agenda for 13-Aug-2013 WebAppSec WG Teleconference Brad Hill (Monday, 12 August)

ACTION-147 RFC script-hash proposal v2 Neil Matatall (Monday, 12 August)

Audio & security Yoav Weiss (Friday, 9 August)

Re: CSP 1.1: Nonce-source and unsafe-inline Garrett Robinson (Wednesday, 7 August)

Re: [webappsec + webapps] CORS to PR plans Brad Hill (Monday, 5 August)

Re: Supporting base64 in nonce-value Mike West (Monday, 5 August)

Sub-origins Daniel Veditz (Saturday, 3 August)

Including the Javascript stack trace in the ContentSecurityPolicy report Henry Wong (Friday, 2 August)

De-duplicating violation reports? Mike West (Thursday, 1 August)

Last message date: Friday, 30 August 2013 22:11:23 UTC