W3C home > Mailing lists > Public > public-webappsec@w3.org > June 2018

Weekly github digest (WebAppSec specs)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Mon, 04 Jun 2018 17:00:08 +0000
To: public-webappsec@w3.org
Message-Id: <E1fPsq0-0000G7-15@uranus.w3.org>



Issues
------
* w3c/webappsec (+0/-1/💬3)
  2 issues received 3 new comments:
  - #139 CSP3: Add something along the lines of `disown-window-owner`. (2 by annevk, baptx)
    https://github.com/w3c/webappsec/issues/139 [CSP] 
  - #534 'strict-dynamic' should not be bound to only nonces/hashes (1 by annevk)
    https://github.com/w3c/webappsec/issues/534 

  1 issues closed:
  - CSP3: Add something along the lines of `disown-window-owner`. https://github.com/w3c/webappsec/issues/139 [CSP] 

* w3c/webappsec-csp (+0/-0/💬2)
  2 issues received 2 new comments:
  - #194 The `disown-opener` directive is not the right model (1 by baptx)
    https://github.com/w3c/webappsec-csp/issues/194 
  - #308 BackSwap type of attack (1 by dveditz)
    https://github.com/w3c/webappsec-csp/issues/308 

* w3c/permissions (+0/-0/💬3)
  1 issues received 3 new comments:
  - #165 A new permission for canvas data (3 by jackpalmer1, KOLANICH)
    https://github.com/w3c/permissions/issues/165 

* w3c/webappsec-referrer-policy (+0/-1/💬0)
  1 issues closed:
  - Why no referrerpolicy="" on <script>? https://github.com/w3c/webappsec-referrer-policy/issues/96 

* w3c/webappsec-clear-site-data (+1/-0/💬1)
  1 issues created:
  - file-backed blobs that have been passed to cross-origin contexts (by wanderview)
    https://github.com/w3c/webappsec-clear-site-data/issues/49 

  1 issues received 1 new comments:
  - #49 how should outstanding file-backed blobs be handled when site data is cleared? (1 by annevk)
    https://github.com/w3c/webappsec-clear-site-data/issues/49 




Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
Received on Monday, 4 June 2018 17:00:28 UTC

This archive was generated by hypermail 2.3.1 : Monday, 4 June 2018 17:00:29 UTC