from May 2013 by subject

[filter-effects][css-masking] Move security model for resources to CSP

[webappsec] Agenda addition - rechartering update

[webappsec] cancel today's call?

[webappsec] CfC - new WD of CSP 1.1

[webappsec] draft agenda for 7 May teleconference

[webappsec] meeting at TPAC, Shenzhen, CN, Nov 18-22?

[webappsec] Meeting minutes

[webappsec] minutes for April 25-26 F2F

[webappsec] new CSP test suite checkins!

ACTION-115: Proposal for handling srcdoc

Allowing any author request header in CORS

broadening default-src semantics

Cookieless cross-origin violation reports.

CORS and local resources

Cross-domain information leak with UI Security Directives

Cross-origin leakage with securitypolicyviolation events and paths in source expressions.

crossorigin=anonymous and auth dialogs?

CSP and innerHTML

CSP/innerHTML/JS Sandbox

CSP: workers

cspBuilder Wizard

Fetch: HTTP authentication and CORS

Fetch: please review!

Possible bug in algorithm to match a source expression?

Time to work on a Rec track JS sandbox? was: CSP and innerHTML

Trimming the SecurityPolicy DOM interface

UISecurity: confusing terminology "redressing"

Last message date: Friday, 31 May 2013 21:29:42 UTC