public-webappsec@w3.org from January 2016 by date

Sunday, 31 January 2016

• Allow auto-resize on iframe Craig Francis
• Allow auto-resize on iframe Craig Francis
• Re: Proposal: Marking HTTP As Non-Secure Eric Mill

Saturday, 30 January 2016

• Re: Proposal: Marking HTTP As Non-Secure Eitan Adler
• Re: Proposal: Marking HTTP As Non-Secure Jim Manico

Friday, 29 January 2016

• Re: Proposal: Marking HTTP As Non-Secure Chris Palmer

Thursday, 28 January 2016

• Re: Proposal: Marking HTTP As Non-Secure jirkadanek7@gmail.com
• Re: Request for input on Foreign Fetch Anne van Kesteren
• Re: Request for input on Foreign Fetch Martin Thomson
• Re: Proposal: Marking HTTP As Non-Secure Chris Palmer
• Re: Request for input on Foreign Fetch Anne van Kesteren
• Re: Request for input on Foreign Fetch Anne van Kesteren
• Re: Request for input on Foreign Fetch Ben Gidley
• Re: Request for input on Foreign Fetch Martin Thomson

Wednesday, 27 January 2016

• Re: [webappsec] Face to Face meeting survey Brad Hill
• Re: Request for input on Foreign Fetch Anne van Kesteren
• [webappsec] Face to Face meeting survey Brad Hill
• Re: Request for input on Foreign Fetch Martin Thomson
• Re: Request for input on Foreign Fetch Anne van Kesteren
• Re: Request for input on Foreign Fetch Mike West
• Re: Permissions work - status and intent to update Harald Alvestrand
• Permissions work - status and intent to update Harald Alvestrand

Tuesday, 26 January 2016

• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Secure Contexts to CR? (Re: [webappsec] Teleconference Agenda: 27-Jan-2016) Mike West
• Call for Exclusions: Content Security Policy Level 3 Xueyuan Jia

Monday, 25 January 2016

• Re: In-browser sanitization vs. a “Safe Node” in the DOM Andrew Sutherland
• [webappsec] Teleconference Agenda: 27-Jan-2016 Brad Hill
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross

Sunday, 24 January 2016

• Re: preflighted CORS requests and redirects: principally impossible? Anne van Kesteren
• Re: Proposal to add a browsing context named "_private" Utkarsh Upadhyay
• Re: preflighted CORS requests and redirects: principally impossible? Utkarsh Upadhyay

Saturday, 23 January 2016

• In-browser sanitization vs. a “Safe Node” in the DOM Andrew Sutherland
• Re: In-browser sanitization vs. a “Safe Node” in the DOM Jim Manico
• Re: In-browser sanitization vs. a “Safe Node” in the DOM Jim Manico
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: Summary of major differences between COWL and Suborigins Deian Stefan
• Re: In-browser sanitization vs. a “Safe Node” in the DOM Jim Manico
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: In-browser sanitization vs. a “Safe Node” in the DOM Jim Manico
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross

Friday, 22 January 2016

• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: In-browser sanitization vs. a “Safe Node” in the DOM Jim Manico
• Re: In-browser sanitization vs. a “Safe Node” in the DOM Jim Manico
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: In-browser sanitization vs. a “Safe Node” in the DOM Jim Manico
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: In-browser sanitization vs. a “Safe Node” in the DOM Chris Palmer
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: In-browser sanitization vs. a “Safe Node” in the DOM Michal Zalewski
• Re: In-browser sanitization vs. a “Safe Node” in the DOM Jim Manico
• Re: In-browser sanitization vs. a “Safe Node” in the DOM Chris Palmer
• RE: In-browser sanitization vs. a “Safe Node” in the DOM Crispin Cowan
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: In-browser sanitization vs. a “Safe Node” in the DOM Chris Palmer
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• RE: In-browser sanitization vs. a “Safe Node” in the DOM Crispin Cowan
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: In-browser sanitization vs. a “Safe Node” in the DOM Chris Palmer
• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• Re: preflighted CORS requests and redirects: principally impossible? Jonathan Kingston
• Re: preflighted CORS requests and redirects: principally impossible? Utkarsh Upadhyay
• Re: In-browser sanitization vs. a “Safe Node” in the DOM Craig Francis
• Re: preflighted CORS requests and redirects: principally impossible? Nico Schlömer
• Re: preflighted CORS requests and redirects: principally impossible? Anne van Kesteren
• preflighted CORS requests and redirects: principally impossible? Nico Schlömer

Thursday, 21 January 2016

• Re: In-browser sanitization vs. a “Safe Node” in the DOM Michaela Merz

Friday, 22 January 2016

• Re: In-browser sanitization vs. a “Safe Node” in the DOM Anne van Kesteren
• Request for input on Foreign Fetch Anne van Kesteren

Thursday, 21 January 2016

• Re: In-browser sanitization vs. a “Safe Node” in the DOM David Ross
• In-browser sanitization vs. a “Safe Node” in the DOM Conrad Irwin
• In-browser sanitization vs. a “Safe Node” in the DOM David Ross

Wednesday, 20 January 2016

• Re: [SRI] Increasing Cacheable Content as a goal Slim Amamou
• Re: [SRI] Increasing Cacheable Content as a goal Brad Hill
• Re: Security / Technical feedback on subresource integrity specification Jonathan Kingston
• Re: Security / Technical feedback on subresource integrity specification Richard Barnes
• [SRI] Increasing Cacheable Content as a goal Slim Amamou
• Re: Security / Technical feedback on subresource integrity specification Mhano Harkness
• Re: Security / Technical feedback on subresource integrity specification Mhano Harkness
• Re: Security / Technical feedback on subresource integrity specification Francois Marier

Tuesday, 19 January 2016

• Re: HSTS priming vs preloading Jim Manico
• Re: HSTS priming vs preloading Richard Barnes
• Re: HSTS priming vs preloading Jim Manico
• [SRI] Re: Security / Technical feedback on subresource integrity specification Frederik Braun

Monday, 18 January 2016

• Re: PDF alternative using HTML (proposal) James May

Tuesday, 19 January 2016

• Security / Technical feedback on subresource integrity specification Mhano Harkness
• Re: PDF alternative using HTML (proposal) Craig Francis

Monday, 18 January 2016

• Re: HSTS priming vs preloading Eric Mill
• Re: HSTS priming vs preloading Mike West
• Re: HSTS priming vs preloading Eric Mill
• RE: PDF alternative using HTML (proposal) Crispin Cowan
• Re: PDF alternative using HTML (proposal) Craig Francis
• Re: HSTS priming vs preloading Richard Barnes
• Re: HSTS priming vs preloading Mike West
• Re: PDF alternative using HTML (proposal) Craig Francis
• Re: PDF alternative using HTML (proposal) Craig Francis

Sunday, 17 January 2016

• RE: PDF alternative using HTML (proposal) Crispin Cowan
• Re: PDF alternative using HTML (proposal) Craig Francis
• RE: PDF alternative using HTML (proposal) Crispin Cowan

Saturday, 16 January 2016

• Re: PDF alternative using HTML (proposal) Ángel González

Friday, 15 January 2016

• Signed JavaScript/JSON using ES6 + Google V8 Anders Rundgren

Thursday, 14 January 2016

• Summary of major differences between COWL and Suborigins Joel Weinberger
• Call for Exclusions (Update): Confinement with Origin Web Labels Xueyuan Jia
• Re: PDF alternative using HTML (proposal) Craig Francis
• RE: Proposal to add a browsing context named "_private" Crispin Cowan
• Re: Proposal to add a browsing context named "_private" Joel Weinberger
• Re: Proposal to add a browsing context named "_private" Utkarsh Upadhyay

Wednesday, 13 January 2016

• Re: [powerful features] Secure Contexts and Framed Documents Chris Palmer
• Re: [powerful features] Secure Contexts and Framed Documents Rich Tibbett
• Re: [powerful features] Secure Contexts and Framed Documents Anne van Kesteren
• Re: [powerful features] Secure Contexts and Framed Documents Anne van Kesteren
• Re: [powerful features] Secure Contexts and Framed Documents Rich Tibbett
• Re: [powerful features] Secure Contexts and Framed Documents Joel Weinberger
• Re: [powerful features] Secure Contexts and Framed Documents Anne van Kesteren
• [powerful features] Secure Contexts and Framed Documents Rich Tibbett
• [sritest.io] New Website SRI Scanner Service Gabor Szathmari
• Re: Limiting requests from the internet to the intranet. Richard Barnes

Tuesday, 12 January 2016

• RE: Proposal to add a browsing context named "_private" Crispin Cowan
• Re: PDF alternative using HTML (proposal) Wendy Seltzer
• Re: PDF alternative using HTML (proposal) Craig Francis
• Re: PDF alternative using HTML (proposal) Adrian Hope-Bailie
• PDF alternative using HTML (proposal) Craig Francis
• Re: Proposal to add a browsing context named "_private" Utkarsh Upadhyay
• Re: new CSP draft. Mike West
• Re: Proposal to add a browsing context named "_private" Anne van Kesteren
• [webappsec] Teleconference Agenda 13-Jan-2016 Brad Hill
• Re: new CSP draft. Jonathan Kingston
• RE: Proposal to add a browsing context named "_private" Crispin Cowan
• Re: Proposal to add a browsing context named "_private" Utkarsh Upadhyay

Monday, 11 January 2016

• Re: new CSP draft. Oda, Terri
• Re: Proposal to add a browsing context named "_private" Joel Weinberger
• Re: Proposal to add a browsing context named "_private" Utkarsh Upadhyay
• RE: Proposal to add a browsing context named "_private" Crispin Cowan
• Re: Proposal to add a browsing context named "_private" Joel Weinberger
• Re: Proposal to add a browsing context named "_private" Patrick Toomey
• Re: Proposal to add a browsing context named "_private" timeless
• Re: Proposal to add a browsing context named "_private" Patrick Toomey
• Re: Proposal to add a browsing context named "_private" Richard Barnes
• Proposal to add a browsing context named "_private" Utkarsh Upadhyay
• Fwd: HTTPS/HSTS support on www.w3.org servers Wendy Seltzer
• Re: new CSP draft. Mike West

Sunday, 10 January 2016

• Re: new CSP draft. Jonathan Kingston

Saturday, 9 January 2016

• Re: [CSP] "sri" source expression to enforce SRI Eduardo Robles Elvira
• Re: Limiting requests from the internet to the intranet. Brian Smith
• Re: Limiting requests from the internet to the intranet. Devdatta Akhawe

Friday, 8 January 2016

• Re: Limiting requests from the internet to the intranet. Justin Schuh
• Re: Limiting requests from the internet to the intranet. Erik Nygren
• Re: Limiting requests from the internet to the intranet. Brian Smith
• Re: Limiting requests from the internet to the intranet. Richard Barnes
• Re: Limiting requests from the internet to the intranet. Mike West
• CfC: CSP3 to FPWD; deadline January 15th. Mike West

Thursday, 7 January 2016

• Re: Header size and policy delivery Martin Thomson
• Re: Header size and policy delivery Patrick Toomey
• RE: Header size and policy delivery Mike O'Neill
• Re: Header size and policy delivery Martin Thomson
• Re: Header size and policy delivery Patrick Toomey
• Re: Header size and policy delivery Martin Thomson
• Header size and policy delivery Jonathan Kingston

Wednesday, 6 January 2016

• Re: Limiting requests from the internet to the intranet. Justin Schuh
• Re: Limiting requests from the internet to the intranet. Chris Palmer
• Re: Limiting requests from the internet to the intranet. Oda, Terri
• Re: [CSP] "sri" source expression to enforce SRI Joel Weinberger

Tuesday, 5 January 2016

• Re: Call for Consensus: Mixed Content to Proposed Recommendation Wendy Seltzer
• Call for Consensus: Mixed Content to Proposed Recommendation Brad Hill
• Call for Consensus: SRI to Proposed Recommendation Brad Hill
• RE: [CSP] "sri" source expression to enforce SRI Mike O'Neill
• Re: [CSP] "sri" source expression to enforce SRI Jonathan Kingston
• RE: [CSP] "sri" source expression to enforce SRI Mike O'Neill

Monday, 4 January 2016

• Re: Limiting requests from the internet to the intranet. Justin Schuh
• Re: Limiting requests from the internet to the intranet. Justin Schuh
• Re: Limiting requests from the internet to the intranet. Sergey Shekyan

Tuesday, 5 January 2016

• Re: [CSP] "sri" source expression to enforce SRI Nottingham, Mark

Monday, 4 January 2016

• Re: Limiting requests from the internet to the intranet. Erik Nygren
• Re: Limiting requests from the internet to the intranet. Nottingham, Mark
• Re: Limiting requests from the internet to the intranet. Chris Palmer
• Re: Limiting requests from the internet to the intranet. Mike West
• Re: Limiting requests from the internet to the intranet. Chris Palmer
• Re: Limiting requests from the internet to the intranet. Mike West
• Re: Limiting requests from the internet to the intranet. Chris Palmer
• Re: Limiting requests from the internet to the intranet. Mike West
• Re: [CSP] "sri" source expression to enforce SRI Patrick Toomey
• Re: Limiting requests from the internet to the intranet. Richard Barnes
• Re: Limiting requests from the internet to the intranet. Erik Nygren
• Re: Limiting requests from the internet to the intranet. Eric Mill
• Limiting requests from the internet to the intranet. Mike West

Last message date: Sunday, 31 January 2016 19:02:13 UTC