from August 2015 by subject

[clear-site-data] header field syntax

[CSP2] How to restrict resources linking to

[CSP2] Re: CR: Content Security Policy Level 2

[CSP2] subscribe

[REFERRER] 3 of 4 policy states are worst than the default

[webappsec] CREDENTIAL: requestAutocomplete can already provide local credentials (#445)

[webappsec] Monday's call CANCELLED

[webappsec] Teleconference Agenda: 24-Aug-2015

[webappsec] test review request

A Somewhat Critical View of SOP (Same Origin Policy)

Application Hash exchange between client and server

Call for Exclusions: Clear Site Data

CfC: CSP2 to PR; deadline Aug 18th.

CfC: Mixed Content to PR; deadline July 6th.

CfC: Republish MIX as CR; deadline July 29th.

CfC: Transition UPGRADE to CR; deadline Aug 26th.

Coming back to CREDENTIAL.

CSP 401 Issue

CSP Plugin

CSP policy to constrain cookies to origin

Fwd: [webappsec] CfC: Proposed non-normative updates to CORS

Garage4Hackers Ranchoddas Webcast: Drive It Like You Hacked It by Samy Kamkar

HSTS, mixed content, and priming

JSON representation of CSP policies

Mozilla/Microsoft support for Native Messaging

Permissions management, IoT/embedded devices and the permissions API

Reviewing the Charter

SRI fail open behaviour

UPGRADE: Do we need granular control?

Last message date: Monday, 31 August 2015 23:09:11 UTC