- From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
- Date: Mon, 18 May 2020 17:00:12 +0000
- To: public-webappsec@w3.org
- Message-Id: <E1jaj7c-00070e-OQ@uranus.w3.org>
Issues
------
* w3c/webappsec-csp (+1/-0/💬4)
1 issues created:
- Clarify/test which quote characters may be used (by foolip)
https://github.com/w3c/webappsec-csp/issues/434
2 issues received 4 new comments:
- #434 Clarify/test which quote characters may be used (3 by annevk, bakkot, foolip)
https://github.com/w3c/webappsec-csp/issues/434
- #6 [CSP] specify handling of malformed content-security-policy HTTP header (1 by foolip)
https://github.com/w3c/webappsec-csp/issues/6
* w3c/webappsec-feature-policy (+2/-0/💬8)
2 issues created:
- Feature Policy syntax: Structured Header? (by clelland)
https://github.com/w3c/webappsec-feature-policy/issues/376
- Remove "requires acknowledgment" flag and associated machinery (by clelland)
https://github.com/w3c/webappsec-feature-policy/issues/375
3 issues received 8 new comments:
- #376 Feature Policy syntax: Structured Header? (2 by annevk, clelland)
https://github.com/w3c/webappsec-feature-policy/issues/376
- #359 Renaming Feature Policy (4 by annevk, clelland, sideshowbarker)
https://github.com/w3c/webappsec-feature-policy/issues/359
- #189 Proposal: define default for all (2 by Malvoz, dimaqq)
https://github.com/w3c/webappsec-feature-policy/issues/189 [feature question]
* WICG/trusted-types (+0/-0/💬1)
1 issues received 1 new comments:
- #232 Handle non-DOM APIs of loading scripts comprehensively. (1 by koto)
https://github.com/w3c/webappsec-trusted-types/issues/232 [future] [spec]
Pull requests
-------------
* w3c/webappsec-referrer-policy (+1/-0/💬2)
1 pull requests submitted:
- Use request's referrer for more things, instead of request's client (by domfarolino)
https://github.com/w3c/webappsec-referrer-policy/pull/135
2 pull requests received 2 new comments:
- #135 Use request's referrer for more things, instead of request's client (1 by domfarolino)
https://github.com/w3c/webappsec-referrer-policy/pull/135
- #129 Stop using environment and request's origin in referrer calculation (1 by domfarolino)
https://github.com/w3c/webappsec-referrer-policy/pull/129
* w3c/webappsec-secure-contexts (+3/-0/💬0)
3 pull requests submitted:
- Improve origin trustworthiness algorithm (by annevk)
https://github.com/w3c/webappsec-secure-contexts/pull/77
- Meta: no more fork of WHATWG HTML (by annevk)
https://github.com/w3c/webappsec-secure-contexts/pull/76
- Always use creation URL to determine trustworthiness (by annevk)
https://github.com/w3c/webappsec-secure-contexts/pull/75
* w3c/webappsec-feature-policy (+3/-0/💬0)
3 pull requests submitted:
- Rename all the things (by clelland)
https://github.com/w3c/webappsec-feature-policy/pull/379
- Change FP inheritance (by clelland)
https://github.com/w3c/webappsec-feature-policy/pull/378
- Remove "requires acknowledgment" flag from document policy (by clelland)
https://github.com/w3c/webappsec-feature-policy/pull/377
Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-feature-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/WICG/trusted-types
* https://github.com/w3c/webappsec-unofficial-drafts
Received on Monday, 18 May 2020 17:00:15 UTC