W3C home > Mailing lists > Public > public-webappsec@w3.org > May 2019

Weekly github digest (WebAppSec specs)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Mon, 27 May 2019 17:00:16 +0000
To: public-webappsec@w3.org
Message-Id: <E1hVIyu-0002tf-5M@uranus.w3.org>



Issues
------
* w3c/webappsec (+1/-0/💬2)
  1 issues created:
  - "UI Security" is not the correct Shortname (by tabatkins)
    https://github.com/w3c/webappsec/issues/553 

  1 issues received 2 new comments:
  - #550 Adopt Fetch Metadata as a deliverable. (2 by mikewest, dveditz)
    https://github.com/w3c/webappsec/issues/550 [CfC] 

* w3c/webappsec-csp (+2/-0/💬7)
  2 issues created:
  - Use of "Get the effective directive for inline checks" in "Should navigation request of type from source in target be blocked by Content Security Policy?" doesn't seem to make sense (by bzbarsky)
    https://github.com/w3c/webappsec-csp/issues/396 
  - Scripts only in <head> (by craigfrancis)
    https://github.com/w3c/webappsec-csp/issues/395 

  2 issues received 7 new comments:
  - #395 Scripts only in <head> (4 by annevk, craigfrancis)
    https://github.com/w3c/webappsec-csp/issues/395 
  - #394 Consider removing plugin-types (3 by annevk, lbherrera, mikewest)
    https://github.com/w3c/webappsec-csp/issues/394 

* w3c/webappsec-clear-site-data (+0/-0/💬1)
  1 issues received 1 new comments:
  - #59 Drop executionContexts? (1 by ericlaw1979)
    https://github.com/w3c/webappsec-clear-site-data/issues/59 

* w3c/webappsec-feature-policy (+0/-1/💬6)
  3 issues received 6 new comments:
  - #274 Allowing cases where document.write is "ok" (4 by foolip, jakearchibald)
    https://github.com/w3c/webappsec-feature-policy/issues/274 [feature question] 
  - #312 "Enforce" links (and "enforce" generally) (1 by eeeps)
    https://github.com/w3c/webappsec-feature-policy/issues/312 
  - #55 Support for declaring feature policy in HTML (1 by clelland)
    https://github.com/w3c/webappsec-feature-policy/issues/55 [feedback] 

  1 issues closed:
  - "Enforce" links (and "enforce" generally) https://github.com/w3c/webappsec-feature-policy/issues/312 



Pull requests
-------------
* w3c/webappsec-subresource-integrity (+1/-1/💬2)
  1 pull requests submitted:
  - Fix formatting (by tom93)
    https://github.com/w3c/webappsec-subresource-integrity/pull/81 

  1 pull requests received 2 new comments:
  - #81 Fix formatting (2 by mozfreddyb)
    https://github.com/w3c/webappsec-subresource-integrity/pull/81 

  1 pull requests merged:
  - Fix formatting
    https://github.com/w3c/webappsec-subresource-integrity/pull/81 

* w3c/webappsec-feature-policy (+4/-6/💬4)
  4 pull requests submitted:
  - Clarify forgiving approach for document-write policy (by foolip)
    https://github.com/w3c/webappsec-feature-policy/pull/318 
  - Hyphenate 'sync-xhr' policy in example (by foolip)
    https://github.com/w3c/webappsec-feature-policy/pull/317 
  - Don't "enforce" feature policies, set them (#312) (by eeeps)
    https://github.com/w3c/webappsec-feature-policy/pull/316 
  - features.md: Add 'loading-image-default-eager'. (by Malvoz)
    https://github.com/w3c/webappsec-feature-policy/pull/315 

  2 pull requests received 4 new comments:
  - #310 Add definitions to other page lifecyle feature policies (2 by dtapuska, clelland)
    https://github.com/w3c/webappsec-feature-policy/pull/310 
  - #318 Clarify forgiving approach for document-write policy (2 by foolip, clelland)
    https://github.com/w3c/webappsec-feature-policy/pull/318 

  6 pull requests merged:
  - Dehyphenate "web platform"
    https://github.com/w3c/webappsec-feature-policy/pull/308 
  - Don't "enforce" feature policies, set them (#312)
    https://github.com/w3c/webappsec-feature-policy/pull/316 
  - Clarify forgiving approach for document-write policy
    https://github.com/w3c/webappsec-feature-policy/pull/318 
  - Hyphenate 'sync-xhr' policy in example
    https://github.com/w3c/webappsec-feature-policy/pull/317 
  - Create focus-without-user-activation.md
    https://github.com/w3c/webappsec-feature-policy/pull/304 
  - Add definitions to other page lifecyle feature policies
    https://github.com/w3c/webappsec-feature-policy/pull/310 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-feature-policy
Received on Monday, 27 May 2019 17:00:18 UTC

This archive was generated by hypermail 2.3.1 : Monday, 27 May 2019 17:00:19 UTC