from January 2013 by subject

'none' in a source list.

[webappsec] Agenda for 15-Jan-2013 Teleconference

[webappsec] minutes published

[webappsec] Proposed text for jsonp directives

Agenda for January 29 Teleconference

Browser Sandbox Security by internal attack

Comment on Content Security Policy 1.1, Draft of Dec 12 2012

CSP & data URIs

CSP & iframe subresources

CSP and comma-separated directives

CSP and inline styles

CSP interacting with HSTS

CSP, unsafe-eval and crypto.generateCRMFRequest

Frame-options move to the W3C

Heads up: proposal moving test repos to GitHub

Line numbers in Content Security Policy reports

Nonce for CSS, Signature of script, link, img?

Raising to the list (Re: ISSUE-29: What are sane defaults for clipping with clipping or selectors?)

Small, non-normative changes to CSP 1.1

When triggering default-src, report type of violation

Last message date: Thursday, 31 January 2013 09:55:46 UTC