'strict-dynamic' syntax (was Re: On the Insecurity of Whitelists and the Future of CSP)
[blink-dev] Must have SSL or dedicated IP address?
[Css-images] Re: CSS fetch integration
[SRI] reporting (Was: [SRI] require-sri-for syntax and additional SRI/CSP interaction
[SRI] require-sri-for syntax and additional SRI/CSP interaction
[SRI] require-sri-for: missing integrity metadata? same-origin loads?
[suborigins] The origin relationship to suborigins
[webappsec] draft agenda for tomorrow's teleconference
[webappsec] WG Note: CORS for developers
`localhost` as Secure Context, take 2 (was Re: CfC: Transition "Secure Contexts" to CR; deadline August 2nd.)
Autoclave
Call availability during TPAC?
Call for Exclusions: Secure Contexts
Call on 9/21
CORS-safelisted request headers should be restricted according to RFC 7231
CSP tools and documentation
CSP: Embedded Enforcement
CSS fetch integration
Fwd: DRM protest timed with TPAC 2016
HSTS Priming
Isolate-Me explainer
- Krzysztof Kotowicz (Wednesday, 21 September)
- Mike West (Wednesday, 21 September)
- Emily Stark (Dunn) (Wednesday, 21 September)
- Crispin Cowan (Wednesday, 21 September)
- Emily Stark (Dunn) (Wednesday, 21 September)
- Emily Stark (Dunn) (Wednesday, 21 September)
- Artur Janc (Tuesday, 20 September)
- Craig Francis (Tuesday, 20 September)
- Crispin Cowan (Tuesday, 20 September)
- Charlie Reis (Tuesday, 20 September)
- Tanvi Vyas (Monday, 19 September)
- John Wilander (Monday, 19 September)
- Emily Stark (Dunn) (Monday, 19 September)
- Artur Janc (Monday, 19 September)
- John Wilander (Monday, 19 September)
- Crispin Cowan (Monday, 19 September)
- Emily Stark (Dunn) (Friday, 16 September)
On the Insecurity of Whitelists and the Future of CSP
- Oda, Terri (Monday, 12 September)
- Jim Manico (Thursday, 8 September)
- Daniel Veditz (Thursday, 8 September)
- Daniel Veditz (Thursday, 8 September)
- Daniel Veditz (Thursday, 8 September)
- Mike West (Thursday, 8 September)
- Christoph Kerschbaumer (Thursday, 8 September)
- Anne van Kesteren (Thursday, 8 September)
- Artur Janc (Thursday, 8 September)
- Artur Janc (Thursday, 8 September)
- Anne van Kesteren (Thursday, 8 September)
- Artur Janc (Thursday, 8 September)
- Christoph Kerschbaumer (Thursday, 8 September)
- Craig Francis (Thursday, 8 September)
- Artur Janc (Wednesday, 7 September)
- Hodges, Jeff (Wednesday, 7 September)
Quoted Referrer-Policy values
remote participation for today's session
remote participation for TPAC
Restrict loopback address to Secure Contexts?
- Anne van Kesteren (Wednesday, 28 September)
- Crispin Cowan (Tuesday, 27 September)
- Mike West (Tuesday, 27 September)
- Crispin Cowan (Tuesday, 27 September)
- Eduardo' Vela\ (Tuesday, 27 September)
- Mike West (Tuesday, 27 September)
- Eduardo' Vela\ (Tuesday, 27 September)
- Mike West (Tuesday, 27 September)
- Eduardo' Vela\ (Tuesday, 27 September)
- Eduardo' Vela\ (Tuesday, 27 September)
- Mike West (Tuesday, 27 September)
- Anne van Kesteren (Tuesday, 27 September)
- Mike West (Tuesday, 27 September)
- Mike West (Tuesday, 27 September)
- Mohan Sekar (Tuesday, 27 September)
- Anne van Kesteren (Tuesday, 27 September)
- Crispin Cowan (Tuesday, 27 September)
- Mike West (Tuesday, 27 September)
- Crispin Cowan (Tuesday, 27 September)
- Devdatta Akhawe (Tuesday, 27 September)
- Crispin Cowan (Monday, 26 September)
- John Wilander (Monday, 26 September)
- Crispin Cowan (Monday, 26 September)
- Mike West (Monday, 26 September)
- John Wilander (Monday, 26 September)
WebAppSec and Auto WG discussion during TPAC
webappsec tpac 2016 session agenda (?)
Workshop on Web Application Security 2016 Stanford University, Sep. 9, 2016
Last message date: Thursday, 29 September 2016 15:15:57 UTC