from September 2015 by subject

[clear-site-data] clearing information about URLs visited

[CSP2] browser behavior on frame-ancestors violation through previous iframe content navigation

[CSP2] connect-src 'self' and websockets

[CSP2] How to restrict resources linking to

[CSP2]Is there a directive dealing with the window.opener.location phishing concern?

[mixed-content] DASH Players and Mixed Content

[webappsec] Call for Consensus: COWL to FPWD

[webappsec] CSP2 Implementation Report

[webappsec] more CSP test review begging

[webappsec] Next teleconference, 7-Sep-2015, CANCELLED

`iframe[@sandbox]`: "sandblaster" JS library for analysis/modification

A Somewhat Critical View of SOP (Same Origin Policy)

Automatic private browsing upgrades

Caching of web content based on hashes?

Call for Exclusions (Update): Entry Point Regulation

CfC: Republish MIX as a CR; deadline Sept. 15th.

CfC: Transition "Secure Contexts" to CR; deadline October 1st.

Coming back to CREDENTIAL.

CSP 401 Issue

CSP3 as a polylithic set of modules?

Fwd: Password generation classes

HSTS, mixed content, and priming

Password generation classes

Permissions API

Referrer value for resources fetched from CSS

RfC: Service Workers

Secure Contexts: It's worth taking another look.

SOP wiki was: A Somewhat Critical View of SOP (Same Origin Policy)

Split the `w3c/webappsec` respository?

SRI: data URIs and Blob URL

SRI: edge case when loading the same stylesheet twice in a document

Starting to create new repositories.

Testing W3C's HTTPS setup

WebAppSec Teleconference Agenda 21-Sep-2015

Last message date: Wednesday, 30 September 2015 21:23:12 UTC