public-webappsec@w3.org from August 2013 by thread

[webappsec] CSP: are blob uri's really just origin='self'? Brad Hill (Friday, 30 August)

Re: [webappsec] CSP: are blob uri's really just origin='self'? Ian Melven (Friday, 30 August)
- Re: [webappsec] CSP: are blob uri's really just origin='self'? Brad Hill (Friday, 30 August)
  - Re: [webappsec] CSP: are blob uri's really just origin='self'? Brad Hill (Friday, 30 August)
    - Re: [webappsec] CSP: are blob uri's really just origin='self'? Ian Melven (Friday, 30 August)
      - Re: [webappsec] CSP: are blob uri's really just origin='self'? Kyle Huey (Friday, 30 August)
        
        Re: [webappsec] CSP: are blob uri's really just origin='self'? Ian Melven (Friday, 30 August)

CORS to PR Brad Hill (Thursday, 29 August)

Agenda for 8/27/13 Conference Call Eric Rescorla (Tuesday, 27 August)

CSP 1.1 and image loading elements/attributes Yoav Weiss (Monday, 26 August)

Re: CSP 1.1 and image loading elements/attributes Anne van Kesteren (Tuesday, 27 August)

[CORS] Understanding the definition of simple headers Monsur Hossain (Wednesday, 21 August)

Re: [CORS] Understanding the definition of simple headers Anne van Kesteren (Wednesday, 21 August)
Re: [CORS] Understanding the definition of simple headers Brad Hill (Wednesday, 21 August)
- Re: [CORS] Understanding the definition of simple headers Monsur Hossain (Thursday, 22 August)

Proposed CSRF countermeasure Mike Shema (Thursday, 15 August)

Re: Proposed CSRF countermeasure Michal Zalewski (Sunday, 18 August)
- Re: Proposed CSRF countermeasure Michael Shema (Monday, 19 August)
Re: Proposed CSRF countermeasure Alex Russell (Sunday, 18 August)
- Re: Proposed CSRF countermeasure Michael Shema (Monday, 19 August)
Re: Proposed CSRF countermeasure John Wilander (Tuesday, 20 August)
- Re: Proposed CSRF countermeasure Michael Shema (Tuesday, 20 August)
  - Re: Proposed CSRF countermeasure Brad Hill (Monday, 26 August)
    - Re: Proposed CSRF countermeasure Michael Shema (Tuesday, 27 August)
      - Re: Proposed CSRF countermeasure Brad Hill (Tuesday, 27 August)
        
        Re: Proposed CSRF countermeasure Michael Shema (Tuesday, 27 August)

[webappsec] Proposed Agenda for 13-Aug-2013 WebAppSec WG Teleconference Brad Hill (Monday, 12 August)

ACTION-147 RFC script-hash proposal v2 Neil Matatall (Monday, 12 August)

Audio & security Yoav Weiss (Friday, 9 August)

Re: Audio & security Boris Smus (Tuesday, 13 August)
- Re: Audio & security Yoav Weiss (Friday, 16 August)

Re: CSP 1.1: Nonce-source and unsafe-inline Garrett Robinson (Wednesday, 7 August)

Re: CSP 1.1: Nonce-source and unsafe-inline Garrett Robinson (Wednesday, 7 August)

Re: [webappsec + webapps] CORS to PR plans Brad Hill (Monday, 5 August)

Re: [webappsec + webapps] CORS to PR plans Arthur Barstow (Tuesday, 6 August)
Re: [webappsec + webapps] CORS to PR plans Anne van Kesteren (Tuesday, 6 August)
Re: [webappsec + webapps] CORS to PR plans Brad Hill (Monday, 12 August)
- Re: [webappsec + webapps] CORS to PR plans Brad Hill (Monday, 12 August)
Re: [webappsec + webapps] CORS to PR plans Brad Hill (Friday, 16 August)
- Fwd: [webappsec + webapps] CORS to PR plans Brad Hill (Friday, 16 August)

Re: Supporting base64 in nonce-value Mike West (Monday, 5 August)

Re: Supporting base64 in nonce-value Garrett Robinson (Wednesday, 7 August)
- Re: Supporting base64 in nonce-value Joel Weinberger (Wednesday, 7 August)

Sub-origins Daniel Veditz (Saturday, 3 August)

Re: Sub-origins Mike West (Monday, 5 August)
- Re: Sub-origins Brad Hill (Monday, 26 August)
  - Re: Sub-origins Devdatta Akhawe (Monday, 26 August)
    - Re: Sub-origins Brad Hill (Monday, 26 August)
      - Re: Sub-origins Devdatta Akhawe (Monday, 26 August)
        
        Re: Sub-origins Brad Hill (Monday, 26 August)
        
        Re: Sub-origins Joel Weinberger (Thursday, 29 August)
        Re: Sub-origins Michal Zalewski (Thursday, 29 August)
        Re: Sub-origins Brad Hill (Thursday, 29 August)
        Re: Sub-origins Joel Weinberger (Thursday, 29 August)
        Re: Sub-origins Michal Zalewski (Thursday, 29 August)
        
        Re: Sub-origins Brad Hill (Thursday, 29 August)
        
        Re: Sub-origins Daniel Veditz (Friday, 30 August)

Including the Javascript stack trace in the ContentSecurityPolicy report Henry Wong (Friday, 2 August)

Re: Including the Javascript stack trace in the ContentSecurityPolicy report Boris Zbarsky (Friday, 2 August)
Re: Including the Javascript stack trace in the ContentSecurityPolicy report David Bruant (Friday, 2 August)
- Re: Including the Javascript stack trace in the ContentSecurityPolicy report Henry Wong (Friday, 2 August)
  - Re: Including the Javascript stack trace in the ContentSecurityPolicy report David Bruant (Friday, 2 August)
  - Re: Including the Javascript stack trace in the ContentSecurityPolicy report Boris Zbarsky (Friday, 2 August)
    - Re: Including the Javascript stack trace in the ContentSecurityPolicy report David Bruant (Friday, 2 August)
      - Re: Including the Javascript stack trace in the ContentSecurityPolicy report Boris Zbarsky (Friday, 2 August)
        
        Re: Including the Javascript stack trace in the ContentSecurityPolicy report Boris Zbarsky (Friday, 2 August)
        
        Re: Including the Javascript stack trace in the ContentSecurityPolicy report David Bruant (Friday, 2 August)

De-duplicating violation reports? Mike West (Thursday, 1 August)

RE: De-duplicating violation reports? Hill, Brad (Thursday, 1 August)
- RE: De-duplicating violation reports? Neil Matatall (Thursday, 1 August)
  - Re: De-duplicating violation reports? Devdatta Akhawe (Thursday, 1 August)
    - Re: De-duplicating violation reports? Mike West (Thursday, 1 August)
    - Re: De-duplicating violation reports? Daniel Veditz (Saturday, 3 August)
Re: De-duplicating violation reports? Pete Freitag (Thursday, 1 August)
- Re: De-duplicating violation reports? Mike West (Monday, 5 August)

Last message date: Friday, 30 August 2013 22:11:23 UTC