W3C home > Mailing lists > Public > public-webappsec@w3.org > February 2019

Weekly github digest (WebAppSec specs)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Mon, 18 Feb 2019 17:00:21 +0000
To: public-webappsec@w3.org
Message-Id: <E1gvmHF-0007VW-Ty@uranus.w3.org>



Issues
------
* w3c/webappsec (+0/-0/💬9)
  3 issues received 9 new comments:
  - #546 What about Same-Origin Resource Sharing? (7 by mozfreddyb, arturjanc, ericlaw1979, pak0s)
    https://github.com/w3c/webappsec/issues/546 
  - #544 CSP and HTML Modules (1 by arturjanc)
    https://github.com/w3c/webappsec/issues/544 
  - #543 Prevent programmatic focus in iframe (1 by marian-r)
    https://github.com/w3c/webappsec/issues/543 

* w3c/webappsec-csp (+1/-0/💬2)
  1 issues created:
  - policy's self-origin for CSP policies inserted by <meta> (by hiroshige-g)
    https://github.com/w3c/webappsec-csp/issues/384 

  2 issues received 2 new comments:
  - #8 CSP: form-action and redirects (1 by leeoniya)
    https://github.com/w3c/webappsec-csp/issues/8 [CSP] 
  - #208 Documents are not global objects (1 by hiroshige-g)
    https://github.com/w3c/webappsec-csp/issues/208 

* w3c/webappsec-mixed-content (+0/-0/💬1)
  1 issues received 1 new comments:
  - #18 "strict mixed content checking flag" not defined for environment settings objects (1 by mikewest)
    https://github.com/w3c/webappsec-mixed-content/issues/18 

* w3c/webappsec-upgrade-insecure-requests (+1/-0/💬1)
  1 issues created:
  - protected resource’s URL (by hiroshige-g)
    https://github.com/w3c/webappsec-upgrade-insecure-requests/issues/15 

  1 issues received 1 new comments:
  - #15 protected resource’s URL (1 by hiroshige-g)
    https://github.com/w3c/webappsec-upgrade-insecure-requests/issues/15 

* w3c/webappsec-feature-policy (+4/-0/💬4)
  4 issues created:
  - Visibility/Testability of policy interventions (by triblondon)
    https://github.com/w3c/webappsec-feature-policy/issues/279 
  - Effect of vertical-scroll policy (by triblondon)
    https://github.com/w3c/webappsec-feature-policy/issues/278 
  - Terminology issues relating to "feature" and "disabled" (by triblondon)
    https://github.com/w3c/webappsec-feature-policy/issues/277 
  - Clarify definition of 'autoplay' policy (by triblondon)
    https://github.com/w3c/webappsec-feature-policy/issues/276 

  3 issues received 4 new comments:
  - #163 Proposal: Parameterized features (2 by triblondon, loonybear)
    https://github.com/w3c/webappsec-feature-policy/issues/163 
  - #189 Proposal: define default for all (1 by Jamesernator)
    https://github.com/w3c/webappsec-feature-policy/issues/189 
  - #159 Feature Proposal: optimized images (1 by triblondon)
    https://github.com/w3c/webappsec-feature-policy/issues/159 [proposed feature] 



Pull requests
-------------
* w3c/permissions (+1/-1/💬0)
  1 pull requests submitted:
  - Use [SameObject] for navigator.permissions IDL (by foolip)
    https://github.com/w3c/permissions/pull/190 

  1 pull requests merged:
  - Use [SameObject] for navigator.permissions IDL
    https://github.com/w3c/permissions/pull/190 

* w3c/webappsec-feature-policy (+0/-1/💬2)
  2 pull requests received 2 new comments:
  - #209 Update explainer for unsized media  (1 by clelland)
    https://github.com/w3c/webappsec-feature-policy/pull/209 
  - #164 Clarify what allowusermedia actually does. (1 by clelland)
    https://github.com/w3c/webappsec-feature-policy/pull/164 

  1 pull requests merged:
  - Update explainer for unsized media 
    https://github.com/w3c/webappsec-feature-policy/pull/209 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-feature-policy
Received on Monday, 18 February 2019 17:00:24 UTC

This archive was generated by hypermail 2.3.1 : Monday, 18 February 2019 17:00:24 UTC