- From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
- Date: Mon, 19 Feb 2024 17:00:25 +0000
- To: public-webappsec@w3.org
- Message-Id: <E1rc70D-008vbo-EN@uranus.w3.org>
Issues
------
* w3c/webappsec-csp (+1/-1/💬4)
1 issues created:
- [TIMING] references broken (by bkardell)
https://github.com/w3c/webappsec-csp/issues/644
2 issues received 4 new comments:
- #640 Why is the Content-Security-Policy-Report-Only header field not supported in `<meta>` elements? (2 by annevk, gapple)
https://github.com/w3c/webappsec-csp/issues/640
- #277 Allow CSP-Report-Only in meta tags. (2 by annevk, lukewarlow)
https://github.com/w3c/webappsec-csp/issues/277
1 issues closed:
- Why is the Content-Security-Policy-Report-Only header field not supported in `<meta>` elements? https://github.com/w3c/webappsec-csp/issues/640
* w3c/webappsec-credential-management (+1/-0/💬0)
1 issues created:
- Please PLEASE please auto-publish this spec (by marcoscaceres)
https://github.com/w3c/webappsec-credential-management/issues/226
* w3c/permissions (+1/-1/💬1)
1 issues created:
- Turn PermissionSetParameters.descriptor into an object (by saschanaz)
https://github.com/w3c/permissions/issues/443
1 issues received 1 new comments:
- #414 Add another permission state "always-ask" (from one-time grants)? (1 by jan-ivar)
https://github.com/w3c/permissions/issues/414
1 issues closed:
- Add another permission state "always-ask" (from one-time grants)? https://github.com/w3c/permissions/issues/414
* w3c/webappsec-secure-contexts (+0/-0/💬1)
1 issues received 1 new comments:
- #60 Using secure-context gated features with local devices (1 by aerik)
https://github.com/w3c/webappsec-secure-contexts/issues/60
* w3c/webappsec-permissions-policy (+0/-0/💬6)
2 issues received 6 new comments:
- #537 Send reports for Permissions Policy violations in iframe to parent frame's endpoint (1 by shhnjk)
https://github.com/w3c/webappsec-permissions-policy/issues/537
- #410 Proposal: Transition 'sync-xhr' feature to Document Policy (5 by RByers, arturjanc, yoavweiss)
https://github.com/w3c/webappsec-permissions-policy/issues/410
* w3c/webappsec-trusted-types (+2/-4/💬13)
2 issues created:
- Issue with script enforcement (by lukewarlow)
https://github.com/w3c/trusted-types/issues/437
- "Prepare the script URL and text" algorithm badly named (by lukewarlow)
https://github.com/w3c/trusted-types/issues/435
6 issues received 13 new comments:
- #437 Issue with script enforcement (6 by koto, lukewarlow, mbrodesser-Igalia, otherdaniel)
https://github.com/w3c/trusted-types/issues/437 [bug] [spec]
- #432 TrustedTypePolicyFactory getTypeMapping() missing from spec. (1 by koto)
https://github.com/w3c/trusted-types/issues/432 [proposed-removal]
- #424 Can lowercasing be removed from getAttributeType()? (1 by lukewarlow)
https://github.com/w3c/trusted-types/issues/424
- #423 getAttributeType() needs a rewrite (1 by lukewarlow)
https://github.com/w3c/trusted-types/issues/423
- #398 Defer `fromLiteral`? (3 by lukewarlow, mbrodesser-Igalia)
https://github.com/w3c/trusted-types/issues/398 [proposed-removal]
- #384 Are `getAttributeType` and `getPropertyType` methods neccessary? (1 by mozfreddyb)
https://github.com/w3c/trusted-types/issues/384 [proposed-removal]
4 issues closed:
- "Prepare the script URL and text" algorithm badly named https://github.com/w3c/trusted-types/issues/435
- TrustedHTML.fromLiteral is exposed in workers but assumes the current global is a Window https://github.com/w3c/trusted-types/issues/374 [proposed-removal]
- Either remove `fromLiteral` from v1 of the spec or add a note to the spec that it'll be implemented later https://github.com/w3c/trusted-types/issues/412
- Are `getAttributeType` and `getPropertyType` methods neccessary? https://github.com/w3c/trusted-types/issues/384 [proposed-removal]
Pull requests
-------------
* w3c/permissions (+1/-0/💬1)
1 pull requests submitted:
- Editorial: Use `object` for PermissionSetParameters.descriptor (by saschanaz)
https://github.com/w3c/permissions/pull/444
1 pull requests received 1 new comments:
- #442 Tidied up document using tidy-html5 (1 by w3cbot)
https://github.com/w3c/permissions/pull/442
* w3c/webappsec-trusted-types (+1/-2/💬0)
1 pull requests submitted:
- Rename prepare script url and text algorithm (by lukewarlow)
https://github.com/w3c/trusted-types/pull/436
2 pull requests merged:
- Rename prepare script url and text algorithm
https://github.com/w3c/trusted-types/pull/436
- Remove `fromLiteral` from spec.
https://github.com/w3c/trusted-types/pull/405
Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/permissions-registry
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
* https://github.com/w3c/webappsec-cspee
* https://github.com/w3c/webappsec-permissions-policy
* https://github.com/w3c/webappsec-fetch-metadata
* https://github.com/w3c/webappsec-trusted-types
* https://github.com/w3c/webappsec-change-password-url
* https://github.com/w3c/webappsec-post-spectre-webdev
--
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 19 February 2024 17:00:26 UTC