- From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
- Date: Mon, 16 Jan 2023 17:00:48 +0000
- To: public-webappsec@w3.org
- Message-Id: <E1pHSqm-000cmY-Nt@uranus.w3.org>
Issues
------
* w3c/webappsec (+1/-1/💬9)
1 issues created:
- Planning the 2023-02-15 call. (by mikewest)
https://github.com/w3c/webappsec/issues/618
1 issues received 9 new comments:
- #617 Planning the 2023-01-18 call. (9 by arturjanc, clelland, dveditz, hober, johnwilander, mikewest)
https://github.com/w3c/webappsec/issues/617
1 issues closed:
- Planning the 2023-01-18 call. https://github.com/w3c/webappsec/issues/617
* w3c/webappsec-csp (+1/-2/💬4)
1 issues created:
- unique app id in reported violation object (by telelvis)
https://github.com/w3c/webappsec-csp/issues/584
2 issues received 4 new comments:
- #584 unique app id in reported violation object (3 by mikewest, telelvis)
https://github.com/w3c/webappsec-csp/issues/584
- #434 Clarify/test which quote characters may be used (1 by evilpie)
https://github.com/w3c/webappsec-csp/issues/434
2 issues closed:
- unique app id in reported violation object https://github.com/w3c/webappsec-csp/issues/584
- Consider relaxing `prefetch-src` and preload `as` https://github.com/w3c/webappsec-csp/issues/542
* w3c/webappsec-mixed-content (+0/-2/💬16)
5 issues received 16 new comments:
- #64 Spec should explain why do we not upgrade when a request's initiator is `imageset` (1 by carlosjoan91)
https://github.com/w3c/webappsec-mixed-content/issues/64
- #63 Difference between spec and practice in mixed content upgrade (6 by annevk, mozfreddyb, moztomer)
https://github.com/w3c/webappsec-mixed-content/issues/63
- #61 Broken references in Mixed Content (3 by carlosjoan91, domenic)
https://github.com/w3c/webappsec-mixed-content/issues/61
- #18 "strict mixed content checking flag" not defined for environment settings objects (3 by annevk, carlosjoan91, mikewest)
https://github.com/w3c/webappsec-mixed-content/issues/18
- #17 Clarify mixed content behavior for access to origins in CIDR 127.0.0.0/8 or ::1/128 (3 by annevk, carlosjoan91, letitz)
https://github.com/w3c/webappsec-mixed-content/issues/17
2 issues closed:
- Broken references in Mixed Content https://github.com/w3c/webappsec-mixed-content/issues/61
- Spec should explain why do we not upgrade when a request's initiator is `imageset` https://github.com/w3c/webappsec-mixed-content/issues/64
* w3c/webappsec-credential-management (+1/-0/💬1)
1 issues created:
- DiscoverFromExternalSource setup needs some fixes (by npm1)
https://github.com/w3c/webappsec-credential-management/issues/211
1 issues received 1 new comments:
- #211 DiscoverFromExternalSource setup needs some fixes (1 by npm1)
https://github.com/w3c/webappsec-credential-management/issues/211
* w3c/webappsec-permissions-policy (+2/-3/💬5)
2 issues created:
- document.featurePolicy vs document.permissionsPolicy (by evilpie)
https://github.com/w3c/webappsec-permissions-policy/issues/507
- support <meta http-equiv> mechanism to set the policy (by justadreamer)
https://github.com/w3c/webappsec-permissions-policy/issues/506
3 issues received 5 new comments:
- #507 document.featurePolicy vs document.permissionsPolicy (2 by annevk, evilpie)
https://github.com/w3c/webappsec-permissions-policy/issues/507
- #506 support <meta http-equiv> mechanism to set the policy (2 by annevk, justadreamer)
https://github.com/w3c/webappsec-permissions-policy/issues/506
- #15 Should we support `<meta http-equiv>` mechanism to set the policy? (1 by justadreamer)
https://github.com/w3c/webappsec-permissions-policy/issues/15
3 issues closed:
- document.featurePolicy vs document.permissionsPolicy https://github.com/w3c/webappsec-permissions-policy/issues/507
- support <meta http-equiv> mechanism to set the policy https://github.com/w3c/webappsec-permissions-policy/issues/506
- can anyone help me https://github.com/w3c/webappsec-permissions-policy/issues/503
Pull requests
-------------
* w3c/webappsec-csp (+3/-4/💬4)
3 pull requests submitted:
- Fix references and fix build (by antosart)
https://github.com/w3c/webappsec-csp/pull/586
- Fix return value of resource hint check (by antosart)
https://github.com/w3c/webappsec-csp/pull/585
- Fix HTML link-rel links (by noamr)
https://github.com/w3c/webappsec-csp/pull/583
2 pull requests received 4 new comments:
- #582 Use "least restrictive" directive instead of `prefetch-src` (1 by noamr)
https://github.com/w3c/webappsec-csp/pull/582
- #564 Remove `navigate-to`. (3 by eligrey, jub0bs, mikewest)
https://github.com/w3c/webappsec-csp/pull/564
4 pull requests merged:
- Fix return value of resource hint check
https://github.com/w3c/webappsec-csp/pull/585
- Fix references and fix build
https://github.com/w3c/webappsec-csp/pull/586
- Fix HTML link-rel links
https://github.com/w3c/webappsec-csp/pull/583
- Use "least restrictive" directive instead of `prefetch-src`
https://github.com/w3c/webappsec-csp/pull/582
* w3c/webappsec-mixed-content (+2/-3/💬3)
2 pull requests submitted:
- Remove reference to "responsible document" (by carlosjoan91)
https://github.com/w3c/webappsec-mixed-content/pull/66
- Add note about imageset not being upgradeable due to historical reasons (by carlosjoan91)
https://github.com/w3c/webappsec-mixed-content/pull/65
2 pull requests received 3 new comments:
- #66 Remove reference to "responsible document" (1 by carlosjoan91)
https://github.com/w3c/webappsec-mixed-content/pull/66
- #65 Add note about imageset not being upgradeable due to historical reasons (2 by estark37, mozfreddyb)
https://github.com/w3c/webappsec-mixed-content/pull/65
3 pull requests merged:
- Remove reference to "responsible document"
https://github.com/w3c/webappsec-mixed-content/pull/66
- Add note about imageset not being upgradeable due to historical reasons
https://github.com/w3c/webappsec-mixed-content/pull/65
- Clarify behaviour for public IP addresses
https://github.com/w3c/webappsec-mixed-content/pull/62
* w3c/webappsec-permissions-policy (+1/-2/💬4)
1 pull requests submitted:
- Update for new navigable concepts. (by clelland)
https://github.com/w3c/webappsec-permissions-policy/pull/505
4 pull requests received 4 new comments:
- #505 Update for new navigable concepts. (1 by clelland)
https://github.com/w3c/webappsec-permissions-policy/pull/505
- #501 Fix `Define an inherited policy for feature in container at origin` (1 by clelland)
https://github.com/w3c/webappsec-permissions-policy/pull/501
- #498 Fixes based on build warnings (1 by clelland)
https://github.com/w3c/webappsec-permissions-policy/pull/498
- #493 Add User-Agent Client Hints ch-ua-* features (1 by Kongpcmail)
https://github.com/w3c/webappsec-permissions-policy/pull/493
2 pull requests merged:
- Fixes based on build warnings
https://github.com/w3c/webappsec-permissions-policy/pull/498
- Fix `Define an inherited policy for feature in container at origin`
https://github.com/w3c/webappsec-permissions-policy/pull/501
Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/permissions-registry
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-permissions-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/w3c/webappsec-trusted-types
* https://github.com/w3c/webappsec-change-password-url
* https://github.com/w3c/webappsec-post-spectre-webdev
--
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 16 January 2023 17:00:51 UTC