W3C home > Mailing lists > Public > public-webappsec@w3.org > August 2019

Weekly github digest (WebAppSec specs)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Mon, 26 Aug 2019 17:00:18 +0000
To: public-webappsec@w3.org
Message-Id: <E1i2ILq-00087F-3K@uranus.w3.org>



Issues
------
* w3c/webappsec (+1/-0/💬4)
  1 issues created:
  - TPAC 2019 Agenda. (by mikewest)
    https://github.com/w3c/webappsec/issues/555 

  1 issues received 4 new comments:
  - #555 TPAC 2019 Agenda. (4 by annevk, mikewest, Malvoz, deian)
    https://github.com/w3c/webappsec/issues/555 

* w3c/webappsec-csp (+1/-0/💬1)
  1 issues created:
  - Update spec to new IDL syntax for optional dictionaries (by Ms2ger)
    https://github.com/w3c/webappsec-csp/issues/408 

  1 issues received 1 new comments:
  - #7 CSP: connect-src 'self' and websockets (1 by Malvoz)
    https://github.com/w3c/webappsec-csp/issues/7 [CSP] 

* w3c/webappsec-mixed-content (+1/-0/💬0)
  1 issues created:
  - `cors-with-forced-preflight` is not a mode. (by mikewest)
    https://github.com/w3c/webappsec-mixed-content/issues/23 

* w3c/webappsec-upgrade-insecure-requests (+1/-0/💬0)
  1 issues created:
  - URL's `port` is `null` if default value. (by mikewest)
    https://github.com/w3c/webappsec-upgrade-insecure-requests/issues/18 

* w3c/webappsec-credential-management (+2/-0/💬0)
  2 issues created:
  - Feature Request: Ability to store public/private keys from crypto.subtle.generateKey (by ThisIsMissEm)
    https://github.com/w3c/webappsec-credential-management/issues/141 
  - Update spec to new IDL syntax for optional dictionaries (by Ms2ger)
    https://github.com/w3c/webappsec-credential-management/issues/140 

* w3c/permissions (+2/-0/💬0)
  2 issues created:
  - "Changes to this document may be tracked at" points to incorrect repo ? (by equalsJeffH)
    https://github.com/w3c/permissions/issues/198 
  - `MidiPermissionDescriptor` in example 1 is confusing (by equalsJeffH)
    https://github.com/w3c/permissions/issues/197 

* w3c/webappsec-feature-policy (+1/-0/💬6)
  1 issues created:
  - revise "webauthn" feature-identifier token to be "publickey-credentials" (by equalsJeffH)
    https://github.com/w3c/webappsec-feature-policy/issues/335 

  2 issues received 6 new comments:
  - #298 Architecture discussion: Permissions (5 by annevk, equalsJeffH, clelland)
    https://github.com/w3c/webappsec-feature-policy/issues/298 [architecture] 
  - #270 Proposal: Restricting the font-display (1 by Malvoz)
    https://github.com/w3c/webappsec-feature-policy/issues/270 [proposed feature] 

* w3c/webappsec-fetch-metadata (+0/-0/💬1)
  1 issues received 1 new comments:
  - #12 Extensions behavior is not defined (1 by mikewest)
    https://github.com/w3c/webappsec-fetch-metadata/issues/12 

* WICG/trusted-types (+1/-0/💬2)
  1 issues created:
  - Support a truly report-only default policy (by koto)
    https://github.com/WICG/trusted-types/issues/209 

  1 issues received 2 new comments:
  - #209 Support a truly report-only and debuggable default policy (2 by koto)
    https://github.com/WICG/trusted-types/issues/209 



Pull requests
-------------
* w3c/webappsec-csp (+1/-1/💬1)
  1 pull requests submitted:
  - Add explicit [Exposed] + dictionary default value (by saschanaz)
    https://github.com/w3c/webappsec-csp/pull/407 

  1 pull requests received 1 new comments:
  - #407 Add explicit [Exposed] + dictionary default value (1 by saschanaz)
    https://github.com/w3c/webappsec-csp/pull/407 

  1 pull requests merged:
  - Add explicit [Exposed] + dictionary default value
    https://github.com/w3c/webappsec-csp/pull/407 

* w3c/webappsec-mixed-content (+1/-0/💬3)
  1 pull requests submitted:
  - Fill out Level 2 spec (by estark37)
    https://github.com/w3c/webappsec-mixed-content/pull/22 

  1 pull requests received 3 new comments:
  - #22 Fill out Level 2 spec (3 by mikewest, estark37)
    https://github.com/w3c/webappsec-mixed-content/pull/22 

* w3c/webappsec-credential-management (+1/-0/💬1)
  1 pull requests submitted:
  - Add default dictionary value (by saschanaz)
    https://github.com/w3c/webappsec-credential-management/pull/139 

  1 pull requests received 1 new comments:
  - #139 Add default dictionary value (1 by saschanaz)
    https://github.com/w3c/webappsec-credential-management/pull/139 

* w3c/webappsec-feature-policy (+3/-0/💬0)
  3 pull requests submitted:
  - rename 'webauthn' feature-identifier token  to 'publickey-credentials' (by equalsJeffH)
    https://github.com/w3c/webappsec-feature-policy/pull/336 
  - Add explicit [Exposed] (by saschanaz)
    https://github.com/w3c/webappsec-feature-policy/pull/334 
  - Explain why we need more than the `loading` attribute (by Malvoz)
    https://github.com/w3c/webappsec-feature-policy/pull/333 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-feature-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/WICG/trusted-types
Received on Monday, 26 August 2019 17:00:20 UTC

This archive was generated by hypermail 2.3.1 : Monday, 26 August 2019 17:00:21 UTC