Wednesday, 30 September 2015
- Re: [CSP2]Is there a directive dealing with the window.opener.location phishing concern?
- Re: Referrer value for resources fetched from CSS
- Re: [CSP2]Is there a directive dealing with the window.opener.location phishing concern?
- Re: Password generation classes
- Re: Referrer value for resources fetched from CSS
- Re: Referrer value for resources fetched from CSS
- Re: Referrer value for resources fetched from CSS
- Re: Referrer value for resources fetched from CSS
- Re: Referrer value for resources fetched from CSS
- Re: Referrer value for resources fetched from CSS
- Re: Password generation classes
- Re: Referrer value for resources fetched from CSS
- Re: Referrer value for resources fetched from CSS
- Re: Referrer value for resources fetched from CSS
- Re: Referrer value for resources fetched from CSS
- Re: Referrer value for resources fetched from CSS
- `iframe[@sandbox]`: "sandblaster" JS library for analysis/modification
- Re: Starting to create new repositories.
- Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: [CSP2]Is there a directive dealing with the window.opener.location phishing concern?
- Re: [CSP2]Is there a directive dealing with the window.opener.location phishing concern?
- [CSP2]Is there a directive dealing with the window.opener.location phishing concern?
- Re: Starting to create new repositories.
- Starting to create new repositories.
- Fwd: Password generation classes
- Re: CSP3 as a polylithic set of modules?
- Re: Password generation classes
- Password generation classes
Tuesday, 29 September 2015
- Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: CSP3 as a polylithic set of modules?
- Re: CSP3 as a polylithic set of modules?
- Re: CSP3 as a polylithic set of modules?
- Re: Referrer value for resources fetched from CSS
- Re: CSP3 as a polylithic set of modules?
- Re: CSP3 as a polylithic set of modules?
Monday, 28 September 2015
- Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: CSP3 as a polylithic set of modules?
- Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: CSP3 as a polylithic set of modules?
- Re: CSP3 as a polylithic set of modules?
- Re: SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: [CSP2] connect-src 'self' and websockets
- RE: [CSP2] connect-src 'self' and websockets
- Re: Referrer value for resources fetched from CSS
- Re: [CSP2] connect-src 'self' and websockets
- Re: [CSP2] connect-src 'self' and websockets
- SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy)
Sunday, 27 September 2015
Saturday, 26 September 2015
- CSP3 as a polylithic set of modules?
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: Permissions API
- Permissions API
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
Friday, 25 September 2015
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- RE: A Somewhat Critical View of SOP (Same Origin Policy)
Thursday, 24 September 2015
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- CfC: Transition "Secure Contexts" to CR; deadline October 1st.
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: SRI: data URIs and Blob URL
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: SRI: data URIs and Blob URL
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: SRI: data URIs and Blob URL
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
Wednesday, 23 September 2015
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: SRI: data URIs and Blob URL
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- SRI: data URIs and Blob URL
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: Testing W3C's HTTPS setup
- Re: Testing W3C's HTTPS setup
Tuesday, 22 September 2015
- Re: [mixed-content] DASH Players and Mixed Content
- Re: Testing W3C's HTTPS setup
- Re: Coming back to CREDENTIAL.
- Re: Coming back to CREDENTIAL.
- Re: [webappsec] Call for Consensus: COWL to FPWD
Monday, 21 September 2015
- [webappsec] Call for Consensus: COWL to FPWD
- Re: WebAppSec Teleconference Agenda 21-Sep-2015
- Re: WebAppSec Teleconference Agenda 21-Sep-2015
- Re: Testing W3C's HTTPS setup
- Re: HSTS, mixed content, and priming
- Re: Testing W3C's HTTPS setup
- Re: Testing W3C's HTTPS setup
- Re: Testing W3C's HTTPS setup
- Re: Testing W3C's HTTPS setup
- Re: RfC: Service Workers
- Re: Testing W3C's HTTPS setup
- Re: Testing W3C's HTTPS setup
- Re: Testing W3C's HTTPS setup
- RfC: Service Workers
- Re: Testing W3C's HTTPS setup
- Re: Re: Testing W3C's HTTPS setup
- Re: Re: Testing W3C's HTTPS setup
- Re: SRI: edge case when loading the same stylesheet twice in a document
- Re: SRI: edge case when loading the same stylesheet twice in a document
- Re: SRI: edge case when loading the same stylesheet twice in a document
- Re: WebAppSec Teleconference Agenda 21-Sep-2015
Sunday, 20 September 2015
Saturday, 19 September 2015
- Re: SRI: edge case when loading the same stylesheet twice in a document
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: [mixed-content] DASH Players and Mixed Content
Friday, 18 September 2015
- Re: [mixed-content] DASH Players and Mixed Content
- RE: [mixed-content] DASH Players and Mixed Content
- Re: [mixed-content] DASH Players and Mixed Content
- Re: [mixed-content] DASH Players and Mixed Content
- Re: [mixed-content] DASH Players and Mixed Content
- Re: [mixed-content] DASH Players and Mixed Content
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: SRI: edge case when loading the same stylesheet twice in a document
- Re: SRI: edge case when loading the same stylesheet twice in a document
Thursday, 17 September 2015
- Re: [mixed-content] DASH Players and Mixed Content
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: [mixed-content] DASH Players and Mixed Content
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: SRI: edge case when loading the same stylesheet twice in a document
- Re: SRI: edge case when loading the same stylesheet twice in a document
- Re: SRI: edge case when loading the same stylesheet twice in a document
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: SRI: edge case when loading the same stylesheet twice in a document
- Re: SRI: edge case when loading the same stylesheet twice in a document
- Re: SRI: edge case when loading the same stylesheet twice in a document
Wednesday, 16 September 2015
- SRI: edge case when loading the same stylesheet twice in a document
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: Automatic private browsing upgrades
- Re: Automatic private browsing upgrades
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
Tuesday, 15 September 2015
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: Testing W3C's HTTPS setup
- Re: Coming back to CREDENTIAL.
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
Monday, 14 September 2015
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: Coming back to CREDENTIAL.
- Re: Testing W3C's HTTPS setup
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: Automatic private browsing upgrades
- Re: [clear-site-data] clearing information about URLs visited
- [clear-site-data] clearing information about URLs visited
- Re: Automatic private browsing upgrades
Friday, 11 September 2015
- Re: Secure Contexts: It's worth taking another look.
- Re: Split the `w3c/webappsec` respository?
- Re: Split the `w3c/webappsec` respository?
- Re: Split the `w3c/webappsec` respository?
- Secure Contexts: It's worth taking another look.
Thursday, 10 September 2015
- Re: Split the `w3c/webappsec` respository?
- Re: Split the `w3c/webappsec` respository?
- Re: Split the `w3c/webappsec` respository?
- Re: CSP 401 Issue
Wednesday, 9 September 2015
- Re: Split the `w3c/webappsec` respository?
- Re: Split the `w3c/webappsec` respository?
- Re: Split the `w3c/webappsec` respository?
- Re: Split the `w3c/webappsec` respository?
- Re: Split the `w3c/webappsec` respository?
- Re: Split the `w3c/webappsec` respository?
- Re: CSP 401 Issue
- Re: CSP 401 Issue
- Call for Exclusions (Update): Entry Point Regulation
- Re: CSP 401 Issue
Tuesday, 8 September 2015
Wednesday, 9 September 2015
Tuesday, 8 September 2015
- Re: Split the `w3c/webappsec` respository?
- CfC: Republish MIX as a CR; deadline Sept. 15th.
- Re: Split the `w3c/webappsec` respository?
- Re: Split the `w3c/webappsec` respository?
- Re: Split the `w3c/webappsec` respository?
- Re: Referrer value for resources fetched from CSS
- Re: Referrer value for resources fetched from CSS
- Referrer value for resources fetched from CSS
- Re: Split the `w3c/webappsec` respository?
- Re: Split the `w3c/webappsec` respository?
- Re: Split the `w3c/webappsec` respository?
- Split the `w3c/webappsec` respository?
- Re: Coming back to CREDENTIAL.
- Re: Automatic private browsing upgrades
Monday, 7 September 2015
- Re: Coming back to CREDENTIAL.
- Re: Coming back to CREDENTIAL.
- Re: [CSP2] browser behavior on frame-ancestors violation through previous iframe content navigation
Friday, 4 September 2015
Sunday, 6 September 2015
Saturday, 5 September 2015
Friday, 4 September 2015
Thursday, 3 September 2015
- Re: [CSP2] How to restrict resources linking to
- Re: Caching of web content based on hashes?
- Re: Automatic private browsing upgrades
- Re: Caching of web content based on hashes?
- Re: Caching of web content based on hashes?
- Re: Caching of web content based on hashes?
- Re: Automatic private browsing upgrades
- Re: Automatic private browsing upgrades
- Re: Caching of web content based on hashes?
- Re: Coming back to CREDENTIAL.
Wednesday, 2 September 2015
Thursday, 3 September 2015
Wednesday, 2 September 2015
- [webappsec] Next teleconference, 7-Sep-2015, CANCELLED
- Re: Coming back to CREDENTIAL.
- Re: Coming back to CREDENTIAL.
- Re: Coming back to CREDENTIAL.
- Re: Coming back to CREDENTIAL.
- Re: [CSP2] How to restrict resources linking to
- Re: [CSP2] How to restrict resources linking to
- [webappsec] CSP2 Implementation Report
- Re: [CSP2] How to restrict resources linking to
Tuesday, 1 September 2015
- [webappsec] more CSP test review begging
- Re: Coming back to CREDENTIAL.
- Re: Coming back to CREDENTIAL.
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)
- Re: A Somewhat Critical View of SOP (Same Origin Policy)