public-webappsec@w3.org from June 2016 by thread

[REFERRER] Combining referrer policies Ryan Townsend (Monday, 27 June)

• Re: [REFERRER] Combining referrer policies Daniel Veditz (Wednesday, 29 June)
  • Re: [REFERRER] Combining referrer policies Francois Marier (Wednesday, 29 June)

[webappsec] Tomorrow's teleconference CANCELLED Brad Hill (Wednesday, 29 June)

Accessing the same CORS-Resource from multiple sites Reto Gmür (Monday, 27 June)

• Re: Accessing the same CORS-Resource from multiple sites Daniel Veditz (Monday, 27 June)
  • Re: Accessing the same CORS-Resource from multiple sites Reto Gmür (Tuesday, 28 June)
    • Re: Accessing the same CORS-Resource from multiple sites Brad Hill (Tuesday, 28 June)
      • Re: Accessing the same CORS-Resource from multiple sites Reto Gmür (Thursday, 30 June)

Fwd: Subresource Integrity (SRI) is now a W3C Recommendation Daniel Veditz (Friday, 24 June)

CORS restrictions on preflight (too) strict? Ruben Verborgh (Wednesday, 22 June)

[suborigins] Understanding the syntax chloe (Tuesday, 21 June)

[suborigins] Understanding the syntax chloe (Monday, 20 June)

• Re: [suborigins] Understanding the syntax Mike West (Tuesday, 21 June)
  • Re: [suborigins] Understanding the syntax Artur Janc (Tuesday, 21 June)

SameSite cookies and SAML Reed Loden (Friday, 17 June)

• Re: SameSite cookies and SAML Brad Hill (Sunday, 19 June)
  • Re: SameSite cookies and SAML Devdatta Akhawe (Sunday, 19 June)

[webappsec] 6/15 call CANCELLED Brad Hill (Tuesday, 14 June)

SameSite=Strict cookies for a user entered URL Craig Francis (Monday, 13 June)

• Re: SameSite=Strict cookies for a user entered URL Mike West (Monday, 20 June)

CSP script-src - Allow Js Events Harssh Mahajan (Friday, 10 June)

• Re: CSP script-src - Allow Js Events Joel Weinberger (Friday, 10 June)

Whitelisting external resources by hash (was Re: Finalizing the shape of CSP ‘unsafe-dynamic’) Mike West (Tuesday, 7 June)

• Re: Whitelisting external resources by hash (was Re: Finalizing the shape of CSP ‘unsafe-dynamic’) Brad Hill (Tuesday, 7 June)
  • Re: Whitelisting external resources by hash (was Re: Finalizing the shape of CSP ‘unsafe-dynamic’) Artur Janc (Tuesday, 7 June)
    • Re: Whitelisting external resources by hash (was Re: Finalizing the shape of CSP ‘unsafe-dynamic’) Mike West (Tuesday, 7 June)
      • Re: Whitelisting external resources by hash (was Re: Finalizing the shape of CSP ‘unsafe-dynamic’) Brad Hill (Tuesday, 7 June)
        • Re: Whitelisting external resources by hash (was Re: Finalizing the shape of CSP ‘unsafe-dynamic’) Artur Janc (Wednesday, 8 June)
          • Re: Whitelisting external resources by hash (was Re: Finalizing the shape of CSP ‘unsafe-dynamic’) Harssh Mahajan (Wednesday, 8 June)
            • Re: Whitelisting external resources by hash (was Re: Finalizing the shape of CSP ‘unsafe-dynamic’) Daniel Veditz (Wednesday, 8 June)
      • Re: Whitelisting external resources by hash (was Re: Finalizing the shape of CSP ‘unsafe-dynamic’) Artur Janc (Wednesday, 8 June)
        • Re: Whitelisting external resources by hash (was Re: Finalizing the shape of CSP ‘unsafe-dynamic’) Artur Janc (Wednesday, 8 June)
          • Re: Whitelisting external resources by hash (was Re: Finalizing the shape of CSP ‘unsafe-dynamic’) Devdatta Akhawe (Wednesday, 8 June)
            • Re: Whitelisting external resources by hash (was Re: Finalizing the shape of CSP ‘unsafe-dynamic’) Artur Janc (Wednesday, 8 June)

Should permission requests require a user gesture? Jeffrey Yasskin (Thursday, 2 June)

• Re: Should permission requests require a user gesture? Chris Palmer (Friday, 10 June)

Finalizing the shape of CSP ‘unsafe-dynamic’ Artur Janc (Thursday, 2 June)

• Re: Finalizing the shape of CSP ‘unsafe-dynamic’ Brad Hill (Friday, 3 June)
  • Re: Finalizing the shape of CSP ‘unsafe-dynamic’ Artur Janc (Friday, 3 June)
    • Re: Finalizing the shape of CSP ‘unsafe-dynamic’ Brad Hill (Friday, 3 June)
      • Re: Finalizing the shape of CSP ‘unsafe-dynamic’ Devdatta Akhawe (Friday, 3 June)
        • Re: Finalizing the shape of CSP ‘unsafe-dynamic’ Artur Janc (Friday, 3 June)
          • Re: Finalizing the shape of CSP ‘unsafe-dynamic’ Devdatta Akhawe (Saturday, 4 June)
            • Re: Finalizing the shape of CSP ‘unsafe-dynamic’ Mike West (Monday, 6 June)
            • Re: Finalizing the shape of CSP ‘unsafe-dynamic’ Devdatta Akhawe (Monday, 6 June)
            • Re: Finalizing the shape of CSP ‘unsafe-dynamic’ Mike West (Monday, 6 June)
            • Re: Finalizing the shape of CSP ‘unsafe-dynamic’ Artur Janc (Monday, 6 June)
            • Re: Finalizing the shape of CSP ‘unsafe-dynamic’ Devdatta Akhawe (Wednesday, 8 June)
            • Re: Finalizing the shape of CSP ‘unsafe-dynamic’ Mike West (Monday, 20 June)

Re: VC meeting to discuss Permissions spec Jeffrey Yasskin (Wednesday, 1 June)

• Re: VC meeting to discuss Permissions spec Xiaoqian Wu (Thursday, 2 June)
  • Re: VC meeting to discuss Permissions spec Harald Alvestrand (Thursday, 2 June)
    • Re: VC meeting to discuss Permissions spec Jeffrey Yasskin (Thursday, 2 June)
• Re: VC meeting to discuss Permissions spec Anne van Kesteren (Monday, 6 June)
  • Re: VC meeting to discuss Permissions spec Brad Hill (Wednesday, 8 June)
    • Re: VC meeting to discuss Permissions spec Anne van Kesteren (Thursday, 9 June)
      • Re: VC meeting to discuss Permissions spec Martin Thomson (Thursday, 9 June)
    • Re: VC meeting to discuss Permissions spec Chaals McCathie Nevile (Thursday, 9 June)

upgrade-insecure-request-with-fallback Tanvi Vyas (Wednesday, 1 June)

• Re: [UPGRADE] upgrade-insecure-request-with-fallback Peter Eckersley (Thursday, 2 June)
  • Re: [UPGRADE] upgrade-insecure-request-with-fallback Tanvi Vyas (Thursday, 30 June)

Re: [review] Performance API's, Security and Privacy Ilya Grigorik (Wednesday, 1 June)

Re: [webappsec] Tomorrow's teleconference CANCELLED. Mike West (Wednesday, 1 June)

Draft minutes from 16,17-May-2016 F2F @Mozilla, Mtn View Hodges, Jeff (Wednesday, 1 June)

Last message date: Thursday, 30 June 2016 23:16:49 UTC