W3C home > Mailing lists > Public > public-webappsec@w3.org > February 2020

Weekly github digest (WebAppSec specs)

From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
Date: Mon, 24 Feb 2020 17:00:20 +0000
To: public-webappsec@w3.org
Message-Id: <E1j6H5g-0003PP-Vi@uranus.w3.org>



Issues
------
* w3c/webappsec-subresource-integrity (+0/-1/💬7)
  2 issues received 7 new comments:
  - #91 SubResourceIntegrity check failed for <link> tag (1 by dveditz)
    https://github.com/w3c/webappsec-subresource-integrity/issues/91 
  - #11 SHA-3/Keccak (6 by agl, annevk, devd, isaacs, mikewest)
    https://github.com/w3c/webappsec-subresource-integrity/issues/11 [feature-request] 

  1 issues closed:
  - SubResourceIntegrity check failed for <link> tag https://github.com/w3c/webappsec-subresource-integrity/issues/91 

* w3c/webappsec-csp (+1/-0/💬0)
  1 issues created:
  - Inconsistent behavior of frame-ancestors versus implementations (by iangcarroll)
    https://github.com/w3c/webappsec-csp/issues/421 

* w3c/webappsec-feature-policy (+2/-0/💬0)
  2 issues created:
  - Disabling JavaScript (by nickcolley)
    https://github.com/w3c/webappsec-feature-policy/issues/365 
  - Remove or replace `vr` in the examples (by Malvoz)
    https://github.com/w3c/webappsec-feature-policy/issues/364 

* w3c/webappsec-fetch-metadata (+0/-0/💬2)
  2 issues received 2 new comments:
  - #54 Should we ignore invalid values? (1 by sspi)
    https://github.com/w3c/webappsec-fetch-metadata/issues/54 
  - #28 Why is `Sec-Fetch-Site` based on the full URL redirect chain? (1 by annevk)
    https://github.com/w3c/webappsec-fetch-metadata/issues/28 

* WICG/trusted-types (+2/-0/💬5)
  2 issues created:
  - Document.write and such as names are misleading (by annevk)
    https://github.com/w3c/webappsec-trusted-types/issues/260 
  - Restrict to secure contexts (by annevk)
    https://github.com/w3c/webappsec-trusted-types/issues/259 

  2 issues received 5 new comments:
  - #260 Document.write and such as names are misleading (2 by annevk, koto)
    https://github.com/w3c/webappsec-trusted-types/issues/260 
  - #259 Restrict to secure contexts (3 by jonathanKingston, koto)
    https://github.com/w3c/webappsec-trusted-types/issues/259 



Pull requests
-------------
* w3c/webappsec-feature-policy (+1/-1/💬0)
  1 pull requests submitted:
  - Update document policy privacy + security (by clelland)
    https://github.com/w3c/webappsec-feature-policy/pull/363 

  1 pull requests merged:
  - Update document policy privacy + security
    https://github.com/w3c/webappsec-feature-policy/pull/363 


Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-feature-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/WICG/trusted-types
* https://github.com/w3c/webappsec-unofficial-drafts
Received on Monday, 24 February 2020 17:00:23 UTC

This archive was generated by hypermail 2.4.0 : Monday, 24 February 2020 17:00:24 UTC