W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2018

Weekly github digest (WebAppSec specs)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Mon, 29 Jan 2018 17:00:13 +0000
To: public-webappsec@w3.org
Message-Id: <E1egCmz-0002zM-9R@uranus.w3.org>



Issues
------
* w3c/webappsec-subresource-integrity (+0/-0/💬4)
  1 issues received 4 new comments:
  - #26 Extend SRI to apply to <link rel=preload> (4 by jyasskin, annevk, mikewest, guybedford)
    https://github.com/w3c/webappsec-subresource-integrity/issues/26

* w3c/webappsec-csp (+0/-1/💬3)
  2 issues received 3 new comments:
  - #289 CSP vulnerability enabling cross-origin session data exfiltration (2 by albinowax, eligrey)
    https://github.com/w3c/webappsec-csp/issues/289
  - #8 CSP: form-action and redirects (1 by Changaco)
    https://github.com/w3c/webappsec-csp/issues/8

  1 issues closed:
  - CSP vulnerability enabling cross-origin session data exfiltration https://github.com/w3c/webappsec-csp/issues/289



Pull requests
-------------
* w3c/webappsec-csp (+1/-0/💬2)
  1 pull requests submitted:
  - The `navigation-to` directive (by andypaicu)
    https://github.com/w3c/webappsec-csp/pull/290

  2 pull requests received 2 new comments:
  - #290 The `navigation-to` directive (1 by annevk)
    https://github.com/w3c/webappsec-csp/pull/290
  - #287 Introduce 'webrtc-src'. (1 by alvestrand)
    https://github.com/w3c/webappsec-csp/pull/287


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
Received on Monday, 29 January 2018 17:00:15 UTC

This archive was generated by hypermail 2.3.1 : Monday, 29 January 2018 17:00:16 UTC