- From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
- Date: Mon, 28 Oct 2024 17:00:23 +0000
- To: public-webappsec@w3.org
- Message-Id: <E1t5T6N-004T3G-09@janus.w3.internal>
Issues ------ * w3c/webappsec (+1/-0/💬1) 1 issues created: - Planning 2024-11-20. (by mikewest) https://github.com/w3c/webappsec/issues/662 1 issues received 1 new comments: - #662 Planning 2024-11-20. (1 by simoneonofri) https://github.com/w3c/webappsec/issues/662 * w3c/webappsec-csp (+1/-0/💬4) 1 issues created: - Should "Should navigation request of type be blocked by Content Security Policy?" set the violation object's element? (by mbrodesser-Igalia) https://github.com/w3c/webappsec-csp/issues/687 2 issues received 4 new comments: - #686 How to set CSP without unsafe-inline for site with ads? (2 by Wowhere, dveditz) https://github.com/w3c/webappsec-csp/issues/686 - #322 Handling of javascript: navigations is not interoperable, spec doesn't match most implementations (2 by dinofx, mbrodesser-Igalia) https://github.com/w3c/webappsec-csp/issues/322 * w3c/webappsec-credential-management (+1/-0/💬0) 1 issues created: - Key active credential types by top-level browsing context (by npm1) https://github.com/w3c/webappsec-credential-management/issues/265 * w3c/webappsec-trusted-types (+2/-6/💬7) 2 issues created: - getAttributeType() for embed@src, object@codebase and object@data (by fred-wang) https://github.com/w3c/trusted-types/issues/554 - Add tests for getPropertyType/getAttributeType when null namespaces are passed. (by fred-wang) https://github.com/w3c/trusted-types/issues/553 5 issues received 7 new comments: - #554 getAttributeType()/getPropertyType() for embed@src, object@codebase and object@data (3 by fred-wang, lukewarlow) https://github.com/w3c/trusted-types/issues/554 - #553 Add tests for getPropertyType/getAttributeType when null namespaces are passed. (1 by fred-wang) https://github.com/w3c/trusted-types/issues/553 - #520 Finalise spec mechanism for event handlers (1 by fred-wang) https://github.com/w3c/trusted-types/issues/520 [spec] - #496 Check variable naming inside of getAttributeType and getPropertyType methods (1 by fred-wang) https://github.com/w3c/trusted-types/issues/496 [spec] - #429 There's a lack of test coverage over the namespace aspect of getPropertyType (1 by fred-wang) https://github.com/w3c/trusted-types/issues/429 6 issues closed: - Export the 'require-trusted-types-for' dfn https://github.com/w3c/trusted-types/issues/538 - Export the 'require-trusted-types-for' dfn https://github.com/w3c/trusted-types/issues/538 - Step 8 of getAttributeType() is incorrect https://github.com/w3c/trusted-types/issues/551 - Step 8 of getAttributeType() is incorrect https://github.com/w3c/trusted-types/issues/551 - Dead link to "HTML imports" https://github.com/w3c/trusted-types/issues/550 - Dead link to "HTML imports" https://github.com/w3c/trusted-types/issues/550 Pull requests ------------- * w3c/webappsec (+0/-1/💬0) 1 pull requests merged: - Add missing attendee https://github.com/w3c/webappsec/pull/660 * w3c/webappsec-trusted-types (+0/-4/💬2) 2 pull requests received 2 new comments: - #558 Fix dead link to "HTML imports" spec (1 by fred-wang) https://github.com/w3c/trusted-types/pull/558 - #486 Remove enforcement from embed and object elements (1 by fred-wang) https://github.com/w3c/trusted-types/pull/486 4 pull requests merged: - Treat a null elementNs in getPropertyType/geAtributeType as the HTML … https://github.com/w3c/trusted-types/pull/557 - Export the two CSP directives https://github.com/w3c/trusted-types/pull/545 - Fix column indices for callers of "Get Trusted Type data for attribute" https://github.com/w3c/trusted-types/pull/555 - Fix dead link to "HTML imports" spec https://github.com/w3c/trusted-types/pull/558 Repositories tracked by this digest: ----------------------------------- * https://github.com/w3c/webappsec * https://github.com/w3c/webappsec-subresource-integrity * https://github.com/w3c/webappsec-csp * https://github.com/w3c/webappsec-mixed-content * https://github.com/w3c/webappsec-upgrade-insecure-requests * https://github.com/w3c/webappsec-credential-management * https://github.com/w3c/permissions * https://github.com/w3c/permissions-registry * https://github.com/w3c/webappsec-referrer-policy * https://github.com/w3c/webappsec-secure-contexts * https://github.com/w3c/webappsec-clear-site-data * https://github.com/w3c/webappsec-cowl * https://github.com/w3c/webappsec-epr * https://github.com/w3c/webappsec-suborigins * https://github.com/w3c/webappsec-cspee * https://github.com/w3c/webappsec-permissions-policy * https://github.com/w3c/webappsec-fetch-metadata * https://github.com/w3c/webappsec-trusted-types * https://github.com/w3c/webappsec-change-password-url * https://github.com/w3c/webappsec-post-spectre-webdev -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Monday, 28 October 2024 17:00:23 UTC