Web Application Security Working Group
Issue Tracking
Summary
Issues:
Raised
Open
Pending Review
Closed
Postponed
All
Create
Actions:
Open
Overdue
Closed
Pending Review
Raise
Users
My
Tracker
Products
Agenda planning
Recent activity
Open Issues
Apply the following changes to selected issues:
Mark as
No status change
Closed
Open
Raised
Pending Review
Postponed
Associate to product:
No change
CORS
CSP Level 1
CSP Level 2
CSP Level 3
Mixed Content
Referrer Policy
Subresource Integrity Level 1
Subresource Integrity Level 2
UI Security
There are 6 open issues listed in the system.
↓
ID
↓
State
Title
Raised on
↓
Product
Open Actions
ISSUE-34
OPEN
Discuss use cases / risks of script access to CSP information, solicit specific public comment on this feature with FPWD
2012-11-02
CSP Level 3
0
ISSUE-44
OPEN
Same-origin policy identity query via script-hash. issue is you do a third party inline script with a known script-hash. if it succeeds, you know that the target was as expected, even though you can't read it
2013-02-26
Subresource Integrity Level 1
0
ISSUE-57
OPEN
Do we want to control popups, if so, how?
2014-02-10
CSP Level 3
0
ISSUE-64
OPEN
Csp3 how to deal with large policies needed by single-page webapps (http://lists.w3.org/archives/public/public-webappsec/2014aug/0021.html)
2014-08-27
CSP Level 3
0
ISSUE-67
OPEN
WebRTC via 'connect-src'?
2014-09-03
CSP Level 3
0
ISSUE-68
401 prompting by subresources
OPEN
How to manage 401 phishing prompts by subresources
2014-10-27
CSP Level 3
0
Raise an issue
.
Daniel Veditz <
dveditz@mozilla.com
>, Mike West <
mkwst@google.com
>, Chairs, Wendy Seltzer <
wseltzer@w3.org
>, Samuel Weiler <
weiler@w3.org
>, Staff Contacts
Tracker:
documentation
, (
configuration for this group
), originally developed by
Dean Jackson
, is developed and maintained by the Systems Team <
w3t-sys@w3.org
>.
$Id: open.html,v 1.1 2020/01/17 08:52:45 carcone Exp $