Tuesday, 30 December 2014
Sunday, 28 December 2014
Tuesday, 30 December 2014
- Re: [CSP] different perspective on Report-Only
- Re: [CSP3] Allow plugin-types "none"
- webappsec-ISSUE-74 (plugin-types 'none'): allow explicitly setting the 'none' keyword source for plugin-type directive [CSP Level 3]
- Re: [CSP3] Allow paths without a domain
- webappsec-ISSUE-73 (CSP path matching): Consider allowing relative paths (to 'self') in source productions [CSP Level 3]
- [CSP3] Allow plugin-types "none"
- [CSP3] Allow paths without a domain
- Re: [SRI] providing good defaults when the expected content type is missing?
- Re: [SRI] unsupported hashes and invalid metadata
- AW: [CSP] different perspective on Report-Only
- Re: [CSP] different perspective on Report-Only
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- [SRI] providing good defaults when the expected content type is missing?
- [CSP] How to interpret 'self' in a sandboxed iframe
- Re: [SRI] unsupported hashes and invalid metadata
Monday, 29 December 2014
- Re: [SRI] unsupported hashes and invalid metadata
- AW: [CSP] different perspective on Report-Only
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Reminder: today's webappsec teleconference CANCELED
- Re: [CSP] different perspective on Report-Only
Sunday, 28 December 2014
- Re: Public Key Pinning (was Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure)
- Re: Public Key Pinning (was Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure)
- Re: Public Key Pinning (was Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure)
- Why not DNS records Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [SRI] unsupported hashes and invalid metadata
- Re: [CSP] different perspective on Report-Only
Saturday, 27 December 2014
- Re: Public Key Pinning (was Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure)
- Re: Public Key Pinning (was Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure)
- Public Key Pinning (was Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure)
Friday, 26 December 2014
Saturday, 27 December 2014
- [CSP] different perspective on Report-Only
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
Friday, 26 December 2014
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [SRI] unsupported hashes and invalid metadata
- Re: [REFERRER] feedback - Editorial comment: s/referer/Referer/g
- [REFERRER] feedback - Editorial comment: s/referer/Referer/g
Wednesday, 24 December 2014
- [SRI] unsupported hashes and invalid metadata
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
Tuesday, 23 December 2014
Wednesday, 17 December 2014
Saturday, 20 December 2014
Monday, 22 December 2014
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
Saturday, 20 December 2014
Monday, 22 December 2014
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
Sunday, 21 December 2014
Saturday, 20 December 2014
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
Friday, 19 December 2014
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- [webappsec] Next WebAppSec teleconference
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- RE: [blink-dev] Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
Thursday, 18 December 2014
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
Friday, 19 December 2014
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Marking HTTP As Non-Secure
- Re: Marking HTTP As Non-Secure
- Re: Marking HTTP As Non-Secure
- RE: Marking HTTP As Non-Secure
- Re: [MIX] PF comments on Mixed Content - accessible indication and user controls
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
Thursday, 18 December 2014
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [MIX] PF comments on Mixed Content - accessible indication and user controls
- Re: Marking HTTP As Non-Secure
- Re: Marking HTTP As Non-Secure
- Re: [MIX] PF comments on Mixed Content - accessible indication and user controls
- Re: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Marking HTTP As Non-Secure
- Re: Marking HTTP As Non-Secure
- Re: Marking HTTP As Non-Secure
Wednesday, 17 December 2014
- Re: Proposal: Marking HTTP As Non-Secure
- Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
Thursday, 18 December 2014
Wednesday, 17 December 2014
Thursday, 18 December 2014
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
Wednesday, 17 December 2014
- Re: [MIX] PF comments on Mixed Content - accessible indication and user controls
- Re: [MIX] PF comments on Mixed Content - accessible indication and user controls
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
Tuesday, 16 December 2014
Monday, 15 December 2014
Tuesday, 16 December 2014
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- Security UI Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: MIX: Exiting last call?
- Re: Service Workers and MIX (was Re: MIX: Exiting last call?)
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [blink-dev] Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
Monday, 15 December 2014
- Re: Proposal: Marking HTTP As Non-Secure
- postMessage, workers and sandboxing
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- webappsec-ACTION-208: Take charter to w3m for review
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- Re: MIX: Exiting last call?
- Re: Strict mixed content checking (was Re: MIX: Exiting last call?)
- Re: Proposal: Marking HTTP As Non-Secure
- Strict mixed content checking (was Re: MIX: Exiting last call?)
- Service Workers and MIX (was Re: MIX: Exiting last call?)
- Re: MIX: Exiting last call?
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
Saturday, 13 December 2014
Sunday, 14 December 2014
Saturday, 13 December 2014
Sunday, 14 December 2014
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
Saturday, 13 December 2014
Sunday, 14 December 2014
Monday, 15 December 2014
Sunday, 14 December 2014
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Re: [webappsec] Teleconference Agenda, Monday 14-Dec-2014
Saturday, 13 December 2014
- Re: Proposal: Marking HTTP As Non-Secure
- Re: Proposal: Marking HTTP As Non-Secure
- Proposal: Marking HTTP As Non-Secure
Friday, 12 December 2014
- Re: [webappsec] Teleconference Agenda, Monday 14-Dec-2014
- Re: [webappsec] Teleconference Agenda, Monday 14-Dec-2014
- [webappsec] Teleconference Agenda, Monday 14-Dec-2014
- Re: [CSP3] Please define the encoding used for violation reports
- RE: [REFERRER][CSP] Improving the Web Platform's Referrer Policy
- MIX: Exiting last call?
Thursday, 11 December 2014
- Re: Comments on Mixed Content
- Re: [MIX] PF comments on Mixed Content - accessible indication and user controls
- Re: Comments on Mixed Content
- Re: [SRI] Towards v1 - do we need error reporting?
- Re: Comments on Mixed Content
- Re: [SRI] Towards v1 - do we need error reporting?
- Re: [SRI] Towards v1 - do we need fallback/noncanonical-src?
Wednesday, 10 December 2014
- Re: [MIX] PF comments on Mixed Content - accessible indication and user controls
- Comments on Mixed Content
- Re: [SRI] Towards v1 - do we need error reporting?
- Re: [SRI] Towards v1 - do we need fallback/noncanonical-src?
- Re: [SRI] Towards v1 - do we need error reporting?
- Re: [SRI] Towards v1 - do we need error reporting?
- [MIX] PF comments on Mixed Content - accessible indication and user controls
- [SRI] Towards v1 - do we need error reporting?
- [SRI] Towards v1 - do we need fallback/noncanonical-src?
Tuesday, 9 December 2014
- Re: [POWER] New vs Legacy functionality (Re: "Requirements for Powerful Features" strawman.)
- Re: [POWER] New vs Legacy functionality (Re: "Requirements for Powerful Features" strawman.)
- Re: [POWER] New vs Legacy functionality (Re: "Requirements for Powerful Features" strawman.)
- Re: [POWER] New vs Legacy functionality (Re: "Requirements for Powerful Features" strawman.)
- Re: [POWER] New vs Legacy functionality (Re: "Requirements for Powerful Features" strawman.)
- Re: [POWER] New vs Legacy functionality (Re: "Requirements for Powerful Features" strawman.)
- Re: [POWER] New vs Legacy functionality (Re: "Requirements for Powerful Features" strawman.)
- Re: [POWER] New vs Legacy functionality (Re: "Requirements for Powerful Features" strawman.)
- Re: [POWER] New vs Legacy functionality (Re: "Requirements for Powerful Features" strawman.)
- Re: [POWER] New vs Legacy functionality (Re: "Requirements for Powerful Features" strawman.)
- Re: [POWER] New vs Legacy functionality (Re: "Requirements for Powerful Features" strawman.)
- [POWER] New vs Legacy functionality (Re: "Requirements for Powerful Features" strawman.)
- Re: [REFERRER][CSP] Improving the Web Platform's Referrer Policy
- Re: Draft finding - "Transitioning the Web to HTTPS"
Thursday, 4 December 2014
Wednesday, 3 December 2014
- [REFERRER][CSP] Improving the Web Platform's Referrer Policy
- Re: [CSP3] Please define the encoding used for violation reports
- Re: [CSP3] Please define the encoding used for violation reports
- Re: [CSP3] Please define the encoding used for violation reports
- Re: [CSP3] Please define the encoding used for violation reports
- Re: [webappsec] Clarifying how CSP sandboxing applies to Workers, ServiceWorkers
- Re: [CSP3] Please define the encoding used for violation reports
- Re: [CSP3] Please define the encoding used for violation reports
Tuesday, 2 December 2014
- Re: [webappsec] Dec 1, Thread 2: Powerful Features
- Re: [webappsec] Dec 1, Thread 2: Powerful Features
- Re: [CSP3] Please define the encoding used for violation reports
- Re: [webappsec] Dec 1, Thread 1: Rechartering
- Re: [webappsec] Dec 1, Thread 1: Rechartering
- Re: [CSP3] Please define the encoding used for violation reports
- [CSP3] Please define the encoding used for violation reports
- Re: snapshots in CfC Re: CfC: Publish a FPWD of "Requirements for Powerful Features"
Monday, 1 December 2014
- Re: webappsec-ISSUE-69 (Overt channel control in CSP): Consider directives to manage postMessage and external navigation of iframes [CSP Next]
- Re: [webappsec] Clarifying how CSP sandboxing applies to Workers, ServiceWorkers
- Re: [webappsec] Clarifying how CSP sandboxing applies to Workers, ServiceWorkers
- [webappsec] Clarifying how CSP sandboxing applies to Workers, ServiceWorkers
- [webappsec] Dec 1, Thread 3: post-Last Call issues in CSP Level 2
- [webappsec] Dec 1, Thread 2: Powerful Features
- [webappsec] Dec 1, Thread 1: Rechartering
- [webappsec] Cancel today's call?
- Re: snapshots in CfC Re: CfC: Publish a FPWD of "Requirements for Powerful Features"