W3C home > Mailing lists > Public > public-webappsec@w3.org > May 2019

Weekly github digest (WebAppSec specs)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Mon, 13 May 2019 17:00:22 +0000
To: public-webappsec@w3.org
Message-Id: <E1hQEJK-0003Tm-1M@uranus.w3.org>



Issues
------
* w3c/webappsec-csp (+1/-0/💬11)
  1 issues created:
  - Consider removing plugin-types (by annevk)
    https://github.com/w3c/webappsec-csp/issues/394 

  4 issues received 11 new comments:
  - #243 Any protection against dynamic module import? (5 by mikesamuel, briansmith)
    https://github.com/w3c/webappsec-csp/issues/243 
  - #392 Enforce "at most once" semantics for scripts (4 by annevk, briansmith)
    https://github.com/w3c/webappsec-csp/issues/392 
  - #256 Add way to define all country code top-level domain. (1 by laukstein)
    https://github.com/w3c/webappsec-csp/issues/256 
  - #391 Extend `frame-ancestors` to allow resizing iframe based on its contents. (1 by craigfrancis)
    https://github.com/w3c/webappsec-csp/issues/391 

* w3c/webappsec-credential-management (+3/-0/💬2)
  3 issues created:
  - finish PR #100: update "request a credential" algorithm (by equalsJeffH)
    https://github.com/w3c/webappsec-credential-management/issues/137 
  - add feature policy support (by equalsJeffH)
    https://github.com/w3c/webappsec-credential-management/issues/136 
  - feature policy for the various credential types: per-credential?  all-included? (by equalsJeffH)
    https://github.com/w3c/webappsec-credential-management/issues/135 [enhancement] 

  2 issues received 2 new comments:
  - #136 add feature policy support for webauthn (1 by agl)
    https://github.com/w3c/webappsec-credential-management/issues/136 [enhancement] 
  - #135 feature policy for the various credential types: per-credential?  all-included? (1 by equalsJeffH)
    https://github.com/w3c/webappsec-credential-management/issues/135 [enhancement] 

* w3c/webappsec-clear-site-data (+0/-0/💬1)
  1 issues received 1 new comments:
  - #33 Setting and clearing data in same response (1 by kennethkufluk)
    https://github.com/w3c/webappsec-clear-site-data/issues/33 

* w3c/webappsec-feature-policy (+1/-1/💬5)
  1 issues created:
  - define the term "feature" (by equalsJeffH)
    https://github.com/w3c/webappsec-feature-policy/issues/309 

  3 issues received 5 new comments:
  - #65 Expose policy to javascript (3 by annevk, clelland, foolip)
    https://github.com/w3c/webappsec-feature-policy/issues/65 [definition] 
  - #55 Support for declaring feature policy in HTML (1 by Jamesernator)
    https://github.com/w3c/webappsec-feature-policy/issues/55 
  - #153 Typo on "allowusermedia" section (1 by foolip)
    https://github.com/w3c/webappsec-feature-policy/issues/153 [duplicate] 

  1 issues closed:
  - Expose policy to javascript https://github.com/w3c/webappsec-feature-policy/issues/65 [definition] 



Pull requests
-------------
* w3c/webappsec-csp (+1/-0/💬1)
  1 pull requests submitted:
  - typo: s/thich/which/ (by mikesamuel)
    https://github.com/w3c/webappsec-csp/pull/393 

  1 pull requests received 1 new comments:
  - #393 typo: s/thich/which/ (1 by mikesamuel)
    https://github.com/w3c/webappsec-csp/pull/393 

* w3c/webappsec-credential-management (+1/-0/💬3)
  1 pull requests submitted:
  - Add Feature Policy support for WebAuthn (by equalsJeffH)
    https://github.com/w3c/webappsec-credential-management/pull/138 [enhancement] 

  2 pull requests received 3 new comments:
  - #138 Add Feature Policy support for WebAuthn (2 by mikewest, equalsJeffH)
    https://github.com/w3c/webappsec-credential-management/pull/138 [enhancement] 
  - #131 Drop 'origin' from public interfaces after #100. (1 by equalsJeffH)
    https://github.com/w3c/webappsec-credential-management/pull/131 

* w3c/webappsec-feature-policy (+2/-1/💬2)
  2 pull requests submitted:
  - Dehyphenate "web platform" (by foolip)
    https://github.com/w3c/webappsec-feature-policy/pull/308 
  - Clarify wording of non-Window global scopes issue (by foolip)
    https://github.com/w3c/webappsec-feature-policy/pull/307 

  1 pull requests received 2 new comments:
  - #294 change status to fpwd (2 by samuelweiler, clelland)
    https://github.com/w3c/webappsec-feature-policy/pull/294 

  1 pull requests merged:
  - change status to fpwd
    https://github.com/w3c/webappsec-feature-policy/pull/294 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-feature-policy
Received on Monday, 13 May 2019 17:00:23 UTC

This archive was generated by hypermail 2.3.1 : Monday, 13 May 2019 17:00:24 UTC