- From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
- Date: Mon, 05 Mar 2018 17:00:14 +0000
- To: public-webappsec@w3.org
- Message-Id: <E1estTC-00068v-31@uranus.w3.org>
Issues
------
* w3c/webappsec-subresource-integrity (+1/-0/💬4)
1 issues created:
- A new IntegrityCheckFailure event (by ScottHelme)
https://github.com/w3c/webappsec-subresource-integrity/issues/77
3 issues received 4 new comments:
- #77 A new IntegrityCheckFailure event (2 by ScottHelme, mozfreddyb)
https://github.com/w3c/webappsec-subresource-integrity/issues/77
- #20 Consider integrity check violation reporting (1 by ScottHelme)
https://github.com/w3c/webappsec-subresource-integrity/issues/20
- #21 Consider integrity enforcement of iframe (1 by BigBlueHat)
https://github.com/w3c/webappsec-subresource-integrity/issues/21
* w3c/webappsec-csp (+1/-0/💬3)
1 issues created:
- Add directive similar to ‘X-Content-Type-Options: nosniff’? (by valtlai)
https://github.com/w3c/webappsec-csp/issues/298
3 issues received 3 new comments:
- #298 Add directive similar to ‘X-Content-Type-Options: nosniff’? (1 by jonathanKingston)
https://github.com/w3c/webappsec-csp/issues/298
- #116 Allow nonce-source to be used in more directives. (1 by frederikbosch)
https://github.com/w3c/webappsec-csp/issues/116
- #45 Further granularity of unsafe-inline styles (1 by arturjanc)
https://github.com/w3c/webappsec-csp/issues/45 [CORE]
* w3c/webappsec-credential-management (+0/-0/💬2)
1 issues received 2 new comments:
- #3 CREDENTIAL: Reconsider the top-level browsing context limitation. (2 by apowers313, mikewest)
https://github.com/w3c/webappsec-credential-management/issues/3 [CREDENTIAL]
* w3c/webappsec-secure-contexts (+2/-1/💬2)
2 issues created:
- "Is an environment settings object contextually secure?" does not work for worklets (by annevk)
https://github.com/w3c/webappsec-secure-contexts/issues/57
- "Is an environment settings object contextually secure?" does not deal with nested workers (by annevk)
https://github.com/w3c/webappsec-secure-contexts/issues/56
1 issues received 2 new comments:
- #56 "Is an environment settings object contextually secure?" does not deal with nested workers (2 by bzbarsky)
https://github.com/w3c/webappsec-secure-contexts/issues/56
1 issues closed:
- Should secure iframes of insecure parents be considered secure? Spec is self-contradictory. https://github.com/w3c/webappsec-secure-contexts/issues/54
Pull requests
-------------
* w3c/webappsec-csp (+0/-0/💬1)
1 pull requests received 1 new comments:
- #287 Introduce 'webrtc-src'. (1 by patrickkettner)
https://github.com/w3c/webappsec-csp/pull/287
* w3c/webappsec-secure-contexts (+0/-1/💬4)
1 pull requests received 4 new comments:
- #55 Reintroduce the dependency on a parent's security. (4 by annevk, estark37, bzbarsky)
https://github.com/w3c/webappsec-secure-contexts/pull/55
1 pull requests merged:
- Reintroduce the dependency on a parent's security.
https://github.com/w3c/webappsec-secure-contexts/pull/55
Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
Received on Monday, 5 March 2018 17:00:26 UTC