[CSP] Compatibility with 1.1 or 1.0
[CSP] Dynamic CSP
[CSP] feedback report-uri directive and report-only header
[CSP] feedback sandbox ABNF grammar conflict
[CSP] images loaded in object and embed
[CSP] kill or delay child-src?
[CSP] may we have script-ancestors to protect JSONP call
[CSP] prevent 401 attach
[CSP] Regarding style-src unsafe-eval and CSSOM
[CSP] Request to amend bookmarklet/extensions sentence in CSP1.1
[CSP] Section 5.1 Workers, is this missing a case?
[CSP] use csp-report-only to find out all content-type sniffing
[MIX]: Can we distinguish between images loader via `<picture>`/`srcset` and `<img>`?
[REFERRER] Naming none and null policies
[REFERRER] Where does "Determine request’s Referrer" get its URL from?
[webappsec] Concluding the Last Call period for CSP Level 2
AW: [CSP] feedback sandbox ABNF grammar conflict
Call for Exclusions: Referrer Policy
Comments on CSP Level 2
CSP for WebRTC
CSP Level 2 last call comment
CSP: 'no-external-navigation'?
Defining secure-enough origins.
- Anne van Kesteren (Sunday, 31 August)
- Jeffrey Yasskin (Thursday, 28 August)
- Chris Palmer (Monday, 25 August)
- Mike West (Friday, 22 August)
- Boris Zbarsky (Friday, 22 August)
- Mike West (Friday, 22 August)
- Boris Zbarsky (Friday, 22 August)
- Mike West (Friday, 22 August)
- Boris Zbarsky (Friday, 22 August)
- Mike West (Friday, 22 August)
- Boris Zbarsky (Friday, 22 August)
- Mike West (Friday, 22 August)
- Boris Zbarsky (Friday, 22 August)
- Mike West (Friday, 22 August)
Entry Point Regulation (EPR) for web apps
ISSUE-63: Disposition of ch-csp client hint
ISSUE-64: Csp3 how to deal with large policies needed by single-page webapps (http://lists.w3.org/archives/public/public-webappsec/2014aug/0021.html)
ISSUE-65: Does "no referrer" specify a state or is it a token? is a token with a space problematic?
ISSUE-66: No-external-navigation as potential csp3 feature http://lists.w3.org/archives/public/public-webappsec/2014aug/0053.html
LAST CALL
Last call CSP Level 2
OT: Technical Considerations for Vetting 3rd Party Mobile Applications
Paths and Redirects
Proposal: Prefer secure origins for powerful new web platform features
- Anne van Kesteren (Saturday, 23 August)
- Mark Watson (Friday, 22 August)
- Jeffrey Yasskin (Friday, 22 August)
- John Kemp (Friday, 22 August)
- John Kemp (Friday, 22 August)
- Chris Palmer (Friday, 22 August)
- Jeffrey Yasskin (Friday, 22 August)
- John Kemp (Friday, 22 August)
- Jeffrey Yasskin (Friday, 22 August)
- John Kemp (Friday, 22 August)
- Chris Palmer (Friday, 22 August)
- Chris Palmer (Friday, 22 August)
- Chris Palmer (Friday, 22 August)
- Jim Manico (Friday, 22 August)
- Glenn Adams (Friday, 22 August)
- Eduardo' Vela\ (Friday, 22 August)
- John Kemp (Friday, 22 August)
- Austin William Wright (Friday, 22 August)
- John Kemp (Friday, 22 August)
- Ian Melven (Friday, 22 August)
- Anne van Kesteren (Friday, 22 August)
- Jeffrey Walton (Friday, 22 August)
- Anne van Kesteren (Friday, 22 August)
- Ian Melven (Friday, 22 August)
- Jim Manico (Friday, 22 August)
- Jim Manico (Friday, 22 August)
- Jeffrey Yasskin (Friday, 22 August)
- Mark Watson (Friday, 22 August)
- Jeffrey Yasskin (Friday, 22 August)
- Adam Langley (Friday, 22 August)
- Mark Watson (Friday, 22 August)
- Chris Palmer (Friday, 22 August)
- Mark Watson (Thursday, 21 August)
- Adam Langley (Thursday, 21 August)
- Mark Watson (Thursday, 21 August)
- Chris Palmer (Thursday, 21 August)
- Adam Langley (Thursday, 21 August)
- Eduardo' Vela\ (Thursday, 21 August)
- Jeffrey Yasskin (Thursday, 21 August)
- Eduardo' Vela\ (Thursday, 21 August)
- Mark Watson (Thursday, 21 August)
- Chris Palmer (Thursday, 21 August)
- Chris Palmer (Thursday, 21 August)
- Eduardo' Vela\ (Thursday, 21 August)
- Chris Palmer (Thursday, 21 August)
- Mark Watson (Thursday, 21 August)
- Chris Palmer (Thursday, 21 August)
- Eduardo' Vela\ (Thursday, 21 August)
- Mike West (Thursday, 21 August)
- Mike West (Thursday, 21 August)
- Anne van Kesteren (Wednesday, 20 August)
- Eduardo' Vela\ (Wednesday, 20 August)
- Mark Watson (Wednesday, 20 August)
- Jim Manico (Wednesday, 20 August)
- Mark Watson (Wednesday, 20 August)
- Jim Manico (Wednesday, 20 August)
- Mark Watson (Wednesday, 20 August)
PSA: CSP2 last call ends Wednesday.
Referrer vs CSP
Referrer: change from <meta> with respect to origin
Referrer: typo
Regrets (Re: WebAppSec WG Teleconference 27-August-2014 08:00 PDT)
Secure Origins and Strong Authentication
Secure origins, high value code and data, and CAs providing reputational service
Sending a `context` HTTP request header.
WASWG Teleconference Agenda 2014-08-13 0800 PDT
WebAppSec WG Teleconference 27-August-2014 08:00 PDT
Last message date: Sunday, 31 August 2014 17:02:36 UTC