W3C home > Mailing lists > Public > public-webappsec@w3.org > March 2019

Weekly github digest (WebAppSec specs)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Mon, 11 Mar 2019 17:00:25 +0000
To: public-webappsec@w3.org
Message-Id: <E1h3OHp-00064Q-L4@uranus.w3.org>



Issues
------
* w3c/webappsec (+0/-0/💬26)
  1 issues received 26 new comments:
  - #538 Distrusting the web server (26 by leo-lb, hlandau, mischmerz)
    https://github.com/w3c/webappsec/issues/538 

* w3c/webappsec-subresource-integrity (+0/-0/💬4)
  1 issues received 4 new comments:
  - #22 Consider shared caching (4 by ArneBab, kevincox, cben)
    https://github.com/w3c/webappsec-subresource-integrity/issues/22 

* w3c/webappsec-csp (+1/-0/💬1)
  1 issues created:
  - http-equiv delivery method: recommend to set after <meta charset="utf-8">? (by Malvoz)
    https://github.com/w3c/webappsec-csp/issues/387 

  1 issues received 1 new comments:
  - #13 Inline event handlers not whitelisted by hashes? (1 by remyabel)
    https://github.com/w3c/webappsec-csp/issues/13 [CSP] 

* w3c/webappsec-credential-management (+1/-0/💬1)
  1 issues created:
  - note considerations wrt credential processing in private/incognito context (by equalsJeffH)
    https://github.com/w3c/webappsec-credential-management/issues/134 

  1 issues received 1 new comments:
  - #133 What can be passed as fetch() credentials? (1 by lgarron)
    https://github.com/w3c/webappsec-credential-management/issues/133 

* w3c/webappsec-feature-policy (+1/-0/💬8)
  1 issues created:
  - HTML calls Initialize document’s Feature Policy seems wrong (by annevk)
    https://github.com/w3c/webappsec-feature-policy/issues/284 

  5 issues received 8 new comments:
  - #260 export anchor terms for algorithms (2 by annevk, clelland)
    https://github.com/w3c/webappsec-feature-policy/issues/260 
  - #241 Proposal: Control over `document.domain` (2 by DavidBruant, clelland)
    https://github.com/w3c/webappsec-feature-policy/issues/241 [proposed feature] 
  - #284 HTML calls Initialize document’s Feature Policy seems wrong (2 by annevk, clelland)
    https://github.com/w3c/webappsec-feature-policy/issues/284 
  - #270 Proposal: Restricting the font-display (1 by yshrdbrn)
    https://github.com/w3c/webappsec-feature-policy/issues/270 
  - #244 Maintain a registry (1 by clelland)
    https://github.com/w3c/webappsec-feature-policy/issues/244 



Pull requests
-------------
* w3c/webappsec-csp (+0/-1/💬0)
  1 pull requests merged:
  - Spec the form of the report body delivered to the Reporting API.
    https://github.com/w3c/webappsec-csp/pull/385 

* w3c/webappsec-feature-policy (+1/-1/💬1)
  1 pull requests submitted:
  - fix typo in header name (by cvazac)
    https://github.com/w3c/webappsec-feature-policy/pull/285 

  1 pull requests received 1 new comments:
  - #285 fix typo in header name (1 by clelland)
    https://github.com/w3c/webappsec-feature-policy/pull/285 

  1 pull requests merged:
  - fix typo in header name
    https://github.com/w3c/webappsec-feature-policy/pull/285 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-feature-policy
Received on Monday, 11 March 2019 17:00:27 UTC

This archive was generated by hypermail 2.3.1 : Monday, 11 March 2019 17:00:27 UTC