- From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
- Date: Mon, 25 Jan 2021 17:00:20 +0000
- To: public-webappsec@w3.org
- Message-Id: <E1l45Dw-0005Ab-Cy@uranus.w3.org>
Issues
------
* w3c/webappsec-csp (+1/-0/💬6)
1 issues created:
- Accessing the `nonce` from JS, effectively makes all nonce based CSPs `strict-dynamic` (by shaialon)
https://github.com/w3c/webappsec-csp/issues/458
2 issues received 6 new comments:
- #458 Accessing the `nonce` from JS, effectively makes all nonce based CSPs `strict-dynamic` (5 by arturjanc, mikewest, mikispag, shaialon)
https://github.com/w3c/webappsec-csp/issues/458
- #92 WebRTC can be used for exfiltration (1 by zenhack)
https://github.com/w3c/webappsec-csp/issues/92
* w3c/webappsec-trusted-types (+1/-0/💬7)
1 issues created:
- Maybe remove plugin enforcement from Trusted Types? (by shhnjk)
https://github.com/w3c/webappsec-trusted-types/issues/305
1 issues received 7 new comments:
- #305 Maybe remove plugin enforcement from Trusted Types? (7 by koto, mikewest, shhnjk)
https://github.com/w3c/webappsec-trusted-types/issues/305
Pull requests
-------------
* w3c/webappsec-csp (+1/-0/💬6)
1 pull requests submitted:
- Introduce 'webrtc-src' as a simple on/off switch (by zenhack)
https://github.com/w3c/webappsec-csp/pull/457
3 pull requests received 6 new comments:
- #457 Introduce 'webrtc-src' as a simple on/off switch (4 by mozfreddyb, samuelweiler, zenhack)
https://github.com/w3c/webappsec-csp/pull/457
- #456 Remove plugin-types (1 by domenic)
https://github.com/w3c/webappsec-csp/pull/456
- #287 Introduce 'webrtc-src'. (1 by alvestrand)
https://github.com/w3c/webappsec-csp/pull/287
* w3c/webappsec-referrer-policy (+2/-2/💬13)
2 pull requests submitted:
- Clarify the rare inheritance of referrer policy (by domfarolino)
https://github.com/w3c/webappsec-referrer-policy/pull/148
- Use GitHub workflows to publish the spec (by domfarolino)
https://github.com/w3c/webappsec-referrer-policy/pull/147
2 pull requests received 13 new comments:
- #148 Clarify the rare inheritance of referrer policy (11 by annevk, domfarolino)
https://github.com/w3c/webappsec-referrer-policy/pull/148
- #147 Use GitHub workflows to publish the spec (2 by domfarolino)
https://github.com/w3c/webappsec-referrer-policy/pull/147
2 pull requests merged:
- Clarify the rare inheritance of referrer policy
https://github.com/w3c/webappsec-referrer-policy/pull/148
- Use GitHub workflows to publish the spec
https://github.com/w3c/webappsec-referrer-policy/pull/147
Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-permissions-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/w3c/webappsec-trusted-types
* https://github.com/w3c/webappsec-change-password-url
* https://github.com/w3c/webappsec-unofficial-drafts
--
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 25 January 2021 17:00:23 UTC