public-webappsec@w3.org from September 2015 by date

Wednesday, 30 September 2015

• Re: [CSP2]Is there a directive dealing with the window.opener.location phishing concern? Brad Hill
• Re: Referrer value for resources fetched from CSS Boris Zbarsky
• Re: [CSP2]Is there a directive dealing with the window.opener.location phishing concern? Tanvi Vyas
• Re: Password generation classes Jonathan Kingston
• Re: Referrer value for resources fetched from CSS Jochen Eisinger
• Re: Referrer value for resources fetched from CSS Boris Zbarsky
• Re: Referrer value for resources fetched from CSS Jochen Eisinger
• Re: Referrer value for resources fetched from CSS Boris Zbarsky
• Re: Referrer value for resources fetched from CSS Jochen Eisinger
• Re: Referrer value for resources fetched from CSS Anne van Kesteren
• Re: Password generation classes John Wong
• Re: Referrer value for resources fetched from CSS Jochen Eisinger
• Re: Referrer value for resources fetched from CSS Boris Zbarsky
• Re: Referrer value for resources fetched from CSS Jochen Eisinger
• Re: Referrer value for resources fetched from CSS Anne van Kesteren
• Re: Referrer value for resources fetched from CSS Jochen Eisinger
• `iframe[@sandbox]`: "sandblaster" JS library for analysis/modification James M. Greene
• Re: Starting to create new repositories. Deian Stefan
• Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: [CSP2]Is there a directive dealing with the window.opener.location phishing concern? Jerry Qu
• Re: [CSP2]Is there a directive dealing with the window.opener.location phishing concern? Mike West
• [CSP2]Is there a directive dealing with the window.opener.location phishing concern? Jerry Qu
• Re: Starting to create new repositories. Frederik Braun
• Starting to create new repositories. Mike West
• Fwd: Password generation classes Jonathan Kingston
• Re: CSP3 as a polylithic set of modules? Mike West
• Re: Password generation classes John Wong
• Password generation classes Jonathan Kingston

Tuesday, 29 September 2015

• Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy) Tony Arcieri
• Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy) Hodges, Jeff
• Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy) Tony Arcieri
• Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy) Brad Hill
• Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: CSP3 as a polylithic set of modules? Brian Smith
• Re: CSP3 as a polylithic set of modules? Mike West
• Re: CSP3 as a polylithic set of modules? Mike West
• Re: Referrer value for resources fetched from CSS Jochen Eisinger
• Re: CSP3 as a polylithic set of modules? Jim Manico
• Re: CSP3 as a polylithic set of modules? Jonathan Kingston

Monday, 28 September 2015

• Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy) Hodges, Jeff
• Re: CSP3 as a polylithic set of modules? Brian Smith
• Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: CSP3 as a polylithic set of modules? Joel Weinberger
• Re: CSP3 as a polylithic set of modules? Brian Smith
• Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy) GALINDO Virginie
• Re: [CSP2] connect-src 'self' and websockets Brad Hill
• RE: [CSP2] connect-src 'self' and websockets André N. Klingsheim
• Re: Referrer value for resources fetched from CSS Tanvi Vyas
• Re: [CSP2] connect-src 'self' and websockets Daniel Veditz
• Re: [CSP2] connect-src 'self' and websockets Mike West
• SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story

Sunday, 27 September 2015

• [CSP2] connect-src 'self' and websockets André N. Klingsheim

Saturday, 26 September 2015

• CSP3 as a polylithic set of modules? Mike West
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Rigo Wenning
• Re: Permissions API Mike West
• Permissions API Mike O'Neill
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Rigo Wenning
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Rigo Wenning
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Rigo Wenning
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Anders Rundgren

Friday, 25 September 2015

• Re: A Somewhat Critical View of SOP (Same Origin Policy) Alex Russell
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Dave Raggett
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Tony Arcieri
• RE: A Somewhat Critical View of SOP (Same Origin Policy) ANDREAE Philip

Thursday, 24 September 2015

• Re: A Somewhat Critical View of SOP (Same Origin Policy) Dave Longley
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Martin Paljak
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Harry Halpin
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Dave Longley
• CfC: Transition "Secure Contexts" to CR; deadline October 1st. Mike West
• Re: A Somewhat Critical View of SOP (Same Origin Policy) henry.story@bblfish.net
• Re: SRI: data URIs and Blob URL Anne van Kesteren
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Anders Rundgren
• Re: SRI: data URIs and Blob URL Francois Marier
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Harry Halpin
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Dave Longley
• Re: SRI: data URIs and Blob URL Jerry Qu
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Harry Halpin

Wednesday, 23 September 2015

• Re: A Somewhat Critical View of SOP (Same Origin Policy) Dave Longley
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Harry Halpin
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Dave Longley
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Jeffrey Yasskin
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Brad Hill
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Dave Longley
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Harry Halpin
• Re: SRI: data URIs and Blob URL Anne van Kesteren
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Dave Longley
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Adrian Hope-Bailie
• SRI: data URIs and Blob URL Jerry Qu
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Anders Rundgren
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Harry Halpin
• Re: A Somewhat Critical View of SOP (Same Origin Policy) henry.story@bblfish.net
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Harry Halpin
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Siva Narendra
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Anders Rundgren
• Re: Testing W3C's HTTPS setup Mike West
• Re: Testing W3C's HTTPS setup Tanvi Vyas

Tuesday, 22 September 2015

• Re: [mixed-content] DASH Players and Mixed Content Nottingham, Mark
• Re: Testing W3C's HTTPS setup Alex Russell
• Re: Coming back to CREDENTIAL. Dave Longley
• Re: Coming back to CREDENTIAL. Mike West
• Re: [webappsec] Call for Consensus: COWL to FPWD Mike West

Monday, 21 September 2015

• [webappsec] Call for Consensus: COWL to FPWD Brad Hill
• Re: WebAppSec Teleconference Agenda 21-Sep-2015 Mike West
• Re: WebAppSec Teleconference Agenda 21-Sep-2015 Brad Hill
• Re: Testing W3C's HTTPS setup Eric Mill
• Re: HSTS, mixed content, and priming Jacob Hoffman-Andrews
• Re: Testing W3C's HTTPS setup Richard Barnes
• Re: Testing W3C's HTTPS setup Anne van Kesteren
• Re: Testing W3C's HTTPS setup Jim Manico
• Re: Testing W3C's HTTPS setup Eric Mill
• Re: RfC: Service Workers Arthur Barstow
• Re: Testing W3C's HTTPS setup Mike West
• Re: Testing W3C's HTTPS setup Jose Kahan
• Re: Testing W3C's HTTPS setup Mike West
• RfC: Service Workers Arthur Barstow
• Re: Testing W3C's HTTPS setup Jose Kahan
• Re: Re: Testing W3C's HTTPS setup Mike West
• Re: Re: Testing W3C's HTTPS setup Jose Kahan
• Re: SRI: edge case when loading the same stylesheet twice in a document Tanvi Vyas
• Re: SRI: edge case when loading the same stylesheet twice in a document Francois Marier
• Re: SRI: edge case when loading the same stylesheet twice in a document Tanvi Vyas
• Re: WebAppSec Teleconference Agenda 21-Sep-2015 Deian Stefan

Sunday, 20 September 2015

• Re: WebAppSec Teleconference Agenda 21-Sep-2015 Mike West
• WebAppSec Teleconference Agenda 21-Sep-2015 Daniel Veditz

Saturday, 19 September 2015

• Re: SRI: edge case when loading the same stylesheet twice in a document Daniel Veditz
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: [mixed-content] DASH Players and Mixed Content Göran AP Eriksson

Friday, 18 September 2015

• Re: [mixed-content] DASH Players and Mixed Content Anne van Kesteren
• RE: [mixed-content] DASH Players and Mixed Content Jon Piesing
• Re: [mixed-content] DASH Players and Mixed Content Anne van Kesteren
• Re: [mixed-content] DASH Players and Mixed Content Nottingham, Mark
• Re: [mixed-content] DASH Players and Mixed Content Mike West
• Re: [mixed-content] DASH Players and Mixed Content Anne van Kesteren
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Jeffrey Walton
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Alex Russell
• Re: SRI: edge case when loading the same stylesheet twice in a document Jonathan Kingston
• Re: SRI: edge case when loading the same stylesheet twice in a document Brian Smith

Thursday, 17 September 2015

• Re: [mixed-content] DASH Players and Mixed Content Nottingham, Mark
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Colin Gallagher
• Re: [mixed-content] DASH Players and Mixed Content Nottingham, Mark
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: SRI: edge case when loading the same stylesheet twice in a document Anne van Kesteren
• Re: SRI: edge case when loading the same stylesheet twice in a document Francois Marier
• Re: SRI: edge case when loading the same stylesheet twice in a document Francois Marier
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Rigo Wenning
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Brad Hill
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Rigo Wenning
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Rigo Wenning
• Re: SRI: edge case when loading the same stylesheet twice in a document Anne van Kesteren
• Re: SRI: edge case when loading the same stylesheet twice in a document Frederik Braun
• Re: SRI: edge case when loading the same stylesheet twice in a document Conrad Irwin

Wednesday, 16 September 2015

• SRI: edge case when loading the same stylesheet twice in a document Francois Marier
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Tony Arcieri
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Martin Thomson
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Brad Hill
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Dave Longley
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Rigo Wenning
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Rigo Wenning
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Rigo Wenning
• Re: Automatic private browsing upgrades Mike West
• Re: Automatic private browsing upgrades Francois Marier
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Tony Arcieri

Tuesday, 15 September 2015

• Re: A Somewhat Critical View of SOP (Same Origin Policy) Brad Hill
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Alex Russell
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Alex Russell
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Tony Arcieri
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Rigo Wenning
• Re: Testing W3C's HTTPS setup Mike West
• Re: Coming back to CREDENTIAL. Mike West
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Eric Mill

Monday, 14 September 2015

• Re: A Somewhat Critical View of SOP (Same Origin Policy) Rigo Wenning
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Tony Arcieri
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Henry Story
• Re: Coming back to CREDENTIAL. Dave Longley
• Re: Testing W3C's HTTPS setup Mike West
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Rigo Wenning
• Re: Automatic private browsing upgrades Mike West
• Re: [clear-site-data] clearing information about URLs visited Mike West
• [clear-site-data] clearing information about URLs visited Nick Doty
• Re: Automatic private browsing upgrades Nick Doty

Friday, 11 September 2015

• Re: Secure Contexts: It's worth taking another look. Anne van Kesteren
• Re: Split the `w3c/webappsec` respository? Mike West
• Re: Split the `w3c/webappsec` respository? Frederik Braun
• Re: Split the `w3c/webappsec` respository? Mike West
• Secure Contexts: It's worth taking another look. Mike West

Thursday, 10 September 2015

• Re: Split the `w3c/webappsec` respository? Jonathan Kingston
• Re: Split the `w3c/webappsec` respository? Wendy Seltzer
• Re: Split the `w3c/webappsec` respository? Mike West
• Re: CSP 401 Issue Kepeng Li

Wednesday, 9 September 2015

• Re: Split the `w3c/webappsec` respository? Brad Hill
• Re: Split the `w3c/webappsec` respository? Ángel González
• Re: Split the `w3c/webappsec` respository? Neil Matatall
• Re: Split the `w3c/webappsec` respository? Eric Mill
• Re: Split the `w3c/webappsec` respository? Oda, Terri
• Re: Split the `w3c/webappsec` respository? Joel Weinberger
• Re: CSP 401 Issue Anne van Kesteren
• Re: CSP 401 Issue Mike West
• Call for Exclusions (Update): Entry Point Regulation Xueyuan Jia
• Re: CSP 401 Issue Anne van Kesteren

Tuesday, 8 September 2015

• Re: [mixed-content] DASH Players and Mixed Content Göran AP Eriksson

Wednesday, 9 September 2015

• Re: Split the `w3c/webappsec` respository? Mike West
• Re: CSP 401 Issue Tanvi Vyas

Tuesday, 8 September 2015

• Re: Split the `w3c/webappsec` respository? Francois Marier
• CfC: Republish MIX as a CR; deadline Sept. 15th. Mike West
• Re: Split the `w3c/webappsec` respository? Deian Stefan
• Re: Split the `w3c/webappsec` respository? David Ross
• Re: Split the `w3c/webappsec` respository? Brad Hill
• Re: Referrer value for resources fetched from CSS Jochen Eisinger
• Re: Referrer value for resources fetched from CSS Mike West
• Referrer value for resources fetched from CSS Yoav Weiss
• Re: Split the `w3c/webappsec` respository? Frederik Braun
• Re: Split the `w3c/webappsec` respository? Mike West
• Re: Split the `w3c/webappsec` respository? Jochen Eisinger
• Split the `w3c/webappsec` respository? Mike West
• Re: Coming back to CREDENTIAL. Mike West
• Re: Automatic private browsing upgrades Mark Nottingham

Monday, 7 September 2015

• Re: Coming back to CREDENTIAL. Dick Hardt
• Re: Coming back to CREDENTIAL. Dave Longley
• Re: [CSP2] browser behavior on frame-ancestors violation through previous iframe content navigation fredericdelaporte@free.fr

Friday, 4 September 2015

• [CSP2] browser behavior on frame-ancestors violation through previous iframe content navigation fredericdelaporte@free.fr

Sunday, 6 September 2015

• Re: CSP 401 Issue Anne van Kesteren
• Re: CSP 401 Issue Kepeng Li

Saturday, 5 September 2015

• Re: CSP 401 Issue Anne van Kesteren
• Re: Caching of web content based on hashes? Christian Nygaard

Friday, 4 September 2015

• Re: Caching of web content based on hashes? Ángel González

Thursday, 3 September 2015

• Re: [CSP2] How to restrict resources linking to Brad Hill
• Re: Caching of web content based on hashes? Christian Nygaard
• Re: Automatic private browsing upgrades Richard Barnes
• Re: Caching of web content based on hashes? Richard Barnes
• Re: Caching of web content based on hashes? Brad Hill
• Re: Caching of web content based on hashes? Martin Thomson
• Re: Automatic private browsing upgrades Mike West
• Re: Automatic private browsing upgrades Richard Barnes
• Re: Caching of web content based on hashes? Richard Barnes
• Re: Coming back to CREDENTIAL. Mike West

Wednesday, 2 September 2015

• Caching of web content based on hashes? Christian Nygaard

Thursday, 3 September 2015

• Automatic private browsing upgrades Francois Marier

Wednesday, 2 September 2015

• [webappsec] Next teleconference, 7-Sep-2015, CANCELLED Brad Hill
• Re: Coming back to CREDENTIAL. Dave Longley
• Re: Coming back to CREDENTIAL. Mike West
• Re: Coming back to CREDENTIAL. Dave Longley
• Re: Coming back to CREDENTIAL. Mike West
• Re: [CSP2] How to restrict resources linking to yao zhongxiao
• Re: [CSP2] How to restrict resources linking to Craig Francis
• [webappsec] CSP2 Implementation Report Brad Hill
• Re: [CSP2] How to restrict resources linking to yao zhongxiao

Tuesday, 1 September 2015

• [webappsec] more CSP test review begging Brad Hill
• Re: Coming back to CREDENTIAL. Adrian Hope-Bailie
• Re: Coming back to CREDENTIAL. Mike West
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Anders Rundgren
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Tony Arcieri
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Anders Rundgren
• Re: A Somewhat Critical View of SOP (Same Origin Policy) Tony Arcieri

Last message date: Wednesday, 30 September 2015 21:23:12 UTC