- From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
- Date: Mon, 16 Sep 2019 17:00:14 +0000
- To: public-webappsec@w3.org
- Message-Id: <E1i9uMI-0001d3-FY@uranus.w3.org>
Issues
------
* w3c/webappsec (+0/-0/💬5)
1 issues received 5 new comments:
- #555 TPAC 2019 Agenda. (5 by annevk, cyberphone, clelland, yoavweiss, arturjanc)
https://github.com/w3c/webappsec/issues/555
* w3c/webappsec-subresource-integrity (+1/-0/💬0)
1 issues created:
- Relationship to Digest header (by LPardue)
https://github.com/w3c/webappsec-subresource-integrity/issues/83
* w3c/webappsec-csp (+0/-0/💬1)
1 issues received 1 new comments:
- #348 Allow report-to in CSP and CSPRO meta tags (1 by eligrey)
https://github.com/w3c/webappsec-csp/issues/348
* w3c/permissions (+1/-1/💬1)
1 issues created:
- Screen sharing permission "display" should be "display-capture" (by jan-ivar)
https://github.com/w3c/permissions/issues/199
1 issues received 1 new comments:
- #199 Screen sharing permission "display" should be "display-capture" (1 by jan-ivar)
https://github.com/w3c/permissions/issues/199
1 issues closed:
- Screen sharing permission "display" should be "display-capture" https://github.com/w3c/permissions/issues/199
* w3c/webappsec-referrer-policy (+1/-0/💬0)
1 issues created:
- Inconsistencies with "same-origin" requests (by domfarolino)
https://github.com/w3c/webappsec-referrer-policy/issues/123
* w3c/webappsec-feature-policy (+1/-0/💬2)
1 issues created:
- Add display-capture (by annevk)
https://github.com/w3c/webappsec-feature-policy/issues/339
2 issues received 2 new comments:
- #230 Need to define how 'src' works with sandboxed frames (1 by annevk)
https://github.com/w3c/webappsec-feature-policy/issues/230 [definition]
- #55 Support for declaring feature policy in HTML (1 by mikewest)
https://github.com/w3c/webappsec-feature-policy/issues/55 [feedback]
* w3c/webappsec-fetch-metadata (+1/-2/💬5)
1 issues created:
- Comparison does not seem to account for opaque origins (by annevk)
https://github.com/w3c/webappsec-fetch-metadata/issues/41
2 issues received 5 new comments:
- #37 Handling iframing via <embed> / <object> (3 by annevk, arturjanc)
https://github.com/w3c/webappsec-fetch-metadata/issues/37
- #34 Treat http://foo.com -> https://foo.com requests as `Sec-Fetch-Site: cross-site`. (2 by annevk, mikewest)
https://github.com/w3c/webappsec-fetch-metadata/issues/34
2 issues closed:
- Comparison does not seem to account for opaque origins https://github.com/w3c/webappsec-fetch-metadata/issues/41
- Treat http://foo.com -> https://foo.com requests as `Sec-Fetch-Site: cross-site`. https://github.com/w3c/webappsec-fetch-metadata/issues/34
* WICG/trusted-types (+2/-0/💬3)
2 issues created:
- Consider adding TT.emptyScript (by koto)
https://github.com/WICG/trusted-types/issues/218
- Intent to Migrate: Trusted Types (by koto)
https://github.com/WICG/trusted-types/issues/215
1 issues received 3 new comments:
- #36 Expose information on status of TrustedTypes enforcement (3 by koto, Siegrift)
https://github.com/WICG/trusted-types/issues/36 [spec]
Pull requests
-------------
* w3c/webappsec (+1/-1/💬0)
1 pull requests submitted:
- add webex link (by samuelweiler)
https://github.com/w3c/webappsec/pull/556
1 pull requests merged:
- add webex link
https://github.com/w3c/webappsec/pull/556
* w3c/permissions (+0/-0/💬1)
1 pull requests received 1 new comments:
- #188 Rename 'display' permission to 'display-capture'. (1 by jan-ivar)
https://github.com/w3c/permissions/pull/188
* w3c/webappsec-fetch-metadata (+1/-1/💬3)
1 pull requests submitted:
- Sec-Fetch-Site's scheme comparison should account for opaque origins. (by mikewest)
https://github.com/w3c/webappsec-fetch-metadata/pull/42
1 pull requests received 3 new comments:
- #42 Sec-Fetch-Site's scheme comparison should account for opaque origins. (3 by annevk, mikewest)
https://github.com/w3c/webappsec-fetch-metadata/pull/42
1 pull requests merged:
- Sec-Fetch-Site's scheme comparison should account for opaque origins.
https://github.com/w3c/webappsec-fetch-metadata/pull/42
* WICG/trusted-types (+4/-4/💬2)
4 pull requests submitted:
- Add missing externs (by Siegrift)
https://github.com/WICG/trusted-types/pull/217
- Release new version: 1.1.0 (by koto)
https://github.com/WICG/trusted-types/pull/216
- Don't throw on policy collision when policy names = * (by Siegrift)
https://github.com/WICG/trusted-types/pull/214
- Fix default policy minification error, enable some closure flags (by Siegrift)
https://github.com/WICG/trusted-types/pull/213
1 pull requests received 2 new comments:
- #213 Fix default policy minification error, enable some closure flags (2 by koto, Siegrift)
https://github.com/WICG/trusted-types/pull/213
4 pull requests merged:
- Release new version: 1.1.0
https://github.com/WICG/trusted-types/pull/216
- Build polyfill for multiple environments
https://github.com/WICG/trusted-types/pull/210
- Don't throw on policy collision when policy names = *
https://github.com/WICG/trusted-types/pull/214
- Fix default policy minification error, enable some closure flags
https://github.com/WICG/trusted-types/pull/213
Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-feature-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/WICG/trusted-types
Received on Monday, 16 September 2019 17:00:17 UTC