public-webappsec@w3.org from June 2013 by author

Adam Barth

• Supporting base64 in nonce-value (Saturday, 29 June)
• Re: CSP: origin from a URL (Friday, 28 June)
• Re: [webappsec] CSP reporting and sandbox directive (Thursday, 27 June)
• Re: policy-uri proposal (ACTION 97) (Wednesday, 26 June)
• Re: CSP: origin from a URL (Wednesday, 26 June)
• Re: CSP: connect-src (Wednesday, 26 June)
• Re: CSP: error handling (Wednesday, 26 June)
• Re: CSP: origin from a URL (Wednesday, 26 June)
• Re: policy-uri proposal (ACTION 97) (Wednesday, 26 June)
• Re: policy-uri proposal (ACTION 97) (Monday, 24 June)
• Re: Fetching contexts (Sunday, 23 June)
• Re: Fetching contexts (Sunday, 23 June)
• Re: Fetching contexts (Sunday, 23 June)
• Re: CSP: connect-src (Sunday, 23 June)
• Re: [webappsec-testsuite] New test server for CSP testing. (Sunday, 23 June)
• Re: meta restrictions (ACTION 109) (Sunday, 23 June)
• Re: policy-uri proposal (ACTION 97) (Sunday, 23 June)
• Re: Possible bug in algorithm to match a source expression? (Sunday, 23 June)
• Re: Agenda for June 4 Teleconference (Tuesday, 4 June)
• Re: Specifying nonce-source for every directive (Sunday, 2 June)
• Re: Specifying nonce-source for every directive (Sunday, 2 June)
• Re: broadening default-src semantics (Saturday, 1 June)

Anne van Kesteren

• Re: CSP: origin from a URL (Thursday, 27 June)
• Re: policy-uri proposal (ACTION 97) (Wednesday, 26 June)
• Re: policy-uri proposal (ACTION 97) (Wednesday, 26 June)
• Re: policy-uri proposal (ACTION 97) (Wednesday, 26 June)
• Re: policy-uri proposal (ACTION 97) (Wednesday, 26 June)
• Re: CSP: origin from a URL (Wednesday, 26 June)
• Re: CSP: connect-src (Tuesday, 25 June)
• Re: CSP: error handling (Tuesday, 25 June)
• CSP: origin from a URL (Tuesday, 25 June)
• Re: policy-uri proposal (ACTION 97) (Tuesday, 25 June)
• Re: Fetching contexts (Monday, 24 June)
• Re: Fetching contexts (Monday, 24 June)
• Re: Fetching contexts (Monday, 24 June)
• Re: policy-uri proposal (ACTION 97) (Monday, 24 June)
• Re: policy-uri proposal (ACTION 97) (Monday, 24 June)
• Re: Fetching contexts (Friday, 21 June)
• Re: Fetching contexts (Friday, 21 June)
• Re: CORS Allow header in preflight response (Thursday, 20 June)
• Re: Fetching contexts (Thursday, 20 June)
• Re: CSP: connect-src (Thursday, 20 June)
• CSP: connect-src (Thursday, 20 June)
• Fetching contexts (Thursday, 6 June)
• Re: [filter-effects][css-masking] Move security model for resources to CSP (Saturday, 1 June)

Arthur Barstow

• Re: webappsec tests moved to GitHub (Thursday, 6 June)
• Fwd: webappsec tests moved to GitHub (Wednesday, 5 June)

Bjoern Hoehrmann

• Re: policy-uri proposal (ACTION 97) (Wednesday, 26 June)

Boris Zbarsky

• Re: Fetching contexts (Monday, 24 June)
• Re: Fetching contexts (Monday, 24 June)
• Re: Fetching contexts (Sunday, 23 June)
• Re: Fetching contexts (Thursday, 20 June)
• Re: Fetching contexts (Thursday, 6 June)
• Re: [filter-effects][css-masking] Move security model for resources to CSP (Sunday, 2 June)
• Re: [filter-effects][css-masking] Move security model for resources to CSP (Sunday, 2 June)
• Re: [filter-effects][css-masking] Move security model for resources to CSP (Sunday, 2 June)
• Re: [filter-effects][css-masking] Move security model for resources to CSP (Sunday, 2 June)
• Re: [filter-effects][css-masking] Move security model for resources to CSP (Saturday, 1 June)

Brad Hill

• Re: [webappsec-testsuite] New test server for CSP testing. (Sunday, 23 June)
• Re: Content Security Policy (Monday, 17 June)
• Re: Content Security Policy (Monday, 17 June)

Bryan McQuade

• Re: Content Security Policy (Monday, 17 June)
• Re: Content Security Policy (Monday, 17 June)

bugzilla@jessica.w3.org

• [Bug 22256] New: Add a note regarding first line of defense. (Tuesday, 4 June)

Charlie Du

• Re: [whatwg] Cross-Origin Cookies Sharing Proposal (Tuesday, 25 June)

Daniel Veditz

• Re: CSP: origin from a URL (Friday, 28 June)
• Re: [webappsec] CSP reporting and sandbox directive (Thursday, 27 June)
• Re: policy-uri proposal (ACTION 97) (Wednesday, 26 June)
• Re: policy-uri proposal (ACTION 97) (Monday, 24 June)
• Re: Cross-Origin Cookies Sharing Proposal (Friday, 21 June)
• Re: Cross-Origin Cookies Sharing Proposal (Friday, 21 June)
• meta restrictions (ACTION 109) (Tuesday, 18 June)
• policy-uri proposal (ACTION 97) (Tuesday, 18 June)
• Re: cspBuilder Wizard (Tuesday, 18 June)
• Re: broadening default-src semantics (Saturday, 1 June)

David Lin-Shung Huang

• Re: Cross-domain information leak with UI Security Directives (Tuesday, 11 June)
• Re: Cross-domain information leak with UI Security Directives (Monday, 3 June)

Devdatta Akhawe

• Re: Cross-domain information leak with UI Security Directives (Tuesday, 11 June)
• Re: Cross-domain information leak with UI Security Directives (Tuesday, 11 June)
• Re: Specifying nonce-source for every directive (Sunday, 2 June)
• Re: broadening default-src semantics (Saturday, 1 June)

Dirk Schulze

• Re: Fetching contexts (Sunday, 23 June)
• Re: Fetching contexts (Sunday, 23 June)
• Re: Fetching contexts (Thursday, 20 June)
• Re: [filter-effects][css-masking] Move security model for resources to CSP (Thursday, 6 June)
• Re: [filter-effects][css-masking] Move security model for resources to CSP (Sunday, 2 June)
• Re: [filter-effects][css-masking] Move security model for resources to CSP (Sunday, 2 June)
• Re: [filter-effects][css-masking] Move security model for resources to CSP (Saturday, 1 June)
• Re: [filter-effects][css-masking] Move security model for resources to CSP (Saturday, 1 June)

Eric Rescorla

• Today's call cancelled (Tuesday, 18 June)
• Re: Agenda for June 4 Teleconference (Tuesday, 4 June)
• Agenda for June 4 Teleconference (Tuesday, 4 June)

Garrett Robinson

• Re: Specifying nonce-source for every directive (Tuesday, 11 June)
• Specifying nonce-source for every directive (Friday, 31 May)

Hill, Brad

• [webappsec] CSP reporting and sandbox directive (Wednesday, 26 June)
• RE: [webappsec-testsuite] New test server for CSP testing. (Thursday, 13 June)
• [webappsec-testsuite] New test server for CSP testing. (Tuesday, 11 June)
• [webappsec] No TPAC meeting in Shenzhen (Thursday, 6 June)
• RE: webappsec tests moved to GitHub (Thursday, 6 June)
• [webappsec] plugin-types directive for CLSIDs in IE (Tuesday, 4 June)
• RE: Cross-domain information leak with UI Security Directives (Sunday, 2 June)
• RE: broadening default-src semantics (Sunday, 2 June)

Huan Du

• Re: [whatwg] Cross-Origin Cookies Sharing Proposal (Monday, 24 June)
• Re: [whatwg] Cross-Origin Cookies Sharing Proposal (Saturday, 22 June)
• Re: Cross-Origin Cookies Sharing Proposal (Saturday, 22 June)
• Cross-Origin Cookies Sharing Proposal (Friday, 21 June)

Ian Melven

• Content Security Policy: inline style blocking, CSSOM and unsafe-eval (Monday, 24 June)

Joel Weinberger

• Re: Content Security Policy (Tuesday, 18 June)
• Re: Content Security Policy (Monday, 17 June)

Ken Lee

• Re: cspBuilder Wizard (Monday, 17 June)

Mountie Lee

• Re: [whatwg] Cross-Origin Cookies Sharing Proposal (Tuesday, 25 June)
• Re: [whatwg] Cross-Origin Cookies Sharing Proposal (Monday, 24 June)
• Re: Content Security Policy 1.1 : script-nonce or script-hash (Wednesday, 19 June)
• Re: Content Security Policy (Tuesday, 18 June)
• Re: Content Security Policy (Tuesday, 18 June)

Neil Matatall

• Re: Content Security Policy (Monday, 17 June)
• Re: Content Security Policy (Saturday, 15 June)

Nils Dagsson Moskopp

• Re: [whatwg] Cross-Origin Cookies Sharing Proposal (Friday, 21 June)

Olivier Jaquemet

• Content Security Policy 1.1 : script-nonce or script-hash (Tuesday, 18 June)

Tanvi Vyas

• Web Developer Security 1.0 - Training Tues 6/18 (Thursday, 13 June)

Yoav Weiss

• Re: Content Security Policy (Tuesday, 18 June)
• Re: Content Security Policy (Monday, 17 June)

Евнгений Яременко

• Re: Content Security Policy (Monday, 17 June)
• Content Security Policy (Friday, 14 June)

Last message date: Saturday, 29 June 2013 02:07:06 UTC