This is an archived snapshot of W3C's public bugzilla bug tracker, decommissioned in April 2019. Please see the home page for more details.
This archived bug list includes all the bugs for the product or component specified, including bugs that have been resolved.
ID | Product | Comp | Assignee | Status | Resolution | Summary | Opened | Changed |
---|---|---|---|---|---|---|---|---|
14663 | WebAppsS | CORS | annevk | RESO | WONT | Advice on CORS and caches | 2011-11-01 | 2013-10-25 |
14664 | WebAppsS | CORS | annevk | RESO | INVA | Defining CORS headers | 2011-11-01 | 2013-10-25 |
14665 | WebAppsS | CORS | annevk | RESO | FIXE | Content-Type is not a simple header | 2011-11-01 | 2011-11-23 |
14666 | WebAppsS | CORS | annevk | RESO | FIXE | Be clearer about cookies and CORS | 2011-11-01 | 2011-11-25 |
14700 | WebAppsS | CORS | annevk | RESO | FIXE | Point out that Access-Control-Allow-Origin:* is safe for servers not behind a firewall | 2011-11-05 | 2013-10-25 |
15312 | WebAppsS | CORS | annevk | RESO | WONT | lowercasing requirement for Access-Control-Request-Headers harmful | 2011-12-22 | 2012-05-03 |
16203 | WebAppsS | CSP | w3c | NEW | --- | Nothing is said about what happens when default-src is omitted. | 2012-03-02 | 2012-05-03 |
16434 | WebAppsS | CORS | annevk | RESO | FIXE | Clarify that "global unique identifier" is an alias for "null" (for all CORS-purposes) | 2012-03-19 | 2012-03-22 |
16436 | WebAppsS | CORS | annevk | RESO | FIXE | Resource processing: shouldn't need to split Origin string on SPACE anymore | 2012-03-19 | 2012-03-22 |
17042 | WebAppsS | CORS | annevk | RESO | INVA | Last-Event-ID is not a simple header | 2012-05-13 | 2013-10-28 |
17205 | WebAppsS | CORS | annevk | RESO | INVA | graph.Facebook.com/ladybug2007 | 2012-05-26 | 2012-05-29 |
19315 | WebAppsS | CORS | annevk | RESO | DUPL | Last-Event-ID header should be a simple header | 2012-10-07 | 2013-10-28 |
19920 | WebAppsS | CORS | annevk | RESO | INVA | Don't allow space-separated origins in the syntax | 2012-11-09 | 2013-10-25 |
20205 | WebAppsS | CSP | w3c | NEW | --- | iOS 6 | 2012-12-03 | 2012-12-03 |
21012 | WebAppsS | CORS | annevk | RESO | WONT | Add more text on Vary | 2013-02-15 | 2013-10-28 |
21608 | WebAppsS | CORS | annevk | RESO | WONT | 7.2 "Resource Sharing Check" does not specify how to handle a space separated list in Access-Control-Allow-Origin | 2013-04-07 | 2013-10-25 |
22256 | WebAppsS | CSP | w3c | CLOS | FIXE | Add a note regarding first line of defense. | 2013-06-04 | 2013-07-02 |
23357 | WebAppsS | CSP2 | hillbrad | RESO | WONT | Subverting CSP policies for browser add-ons (extensions). | 2013-09-25 | 2018-01-17 |
26061 | WebAppsS | CSP | w3c | NEW | --- | Improve consistency with CSP 1.1 w.r.t. add-on/extension semantics. | 2014-06-11 | 2014-06-11 |
27291 | WebAppsS | CSP2 | mkwst | NEW | --- | Referrer: Consider a mechanism to specify a referrer URL. | 2014-11-10 | 2014-11-10 |
27302 | WebAppsS | Mixed Co | mkwst | ASSI | --- | Define an elaboration of #may-document-use-powerful-features that checks ancestor browsing contexts | 2014-11-11 | 2014-11-25 |
27341 | WebAppsS | Subresou | mkwst | NEW | --- | consider replacing integrity-metatata ABNF production with a precise prose definition of the datatype/microsyntax | 2014-11-17 | 2014-11-17 |
27744 | WebAppsS | Subresou | mkwst | NEW | --- | Should define the term 'subresource' | 2015-01-05 | 2015-01-05 |
27745 | WebAppsS | Subresou | mkwst | NEW | --- | Should define the term 'integrity' | 2015-01-05 | 2015-01-05 |
27746 | WebAppsS | Subresou | mkwst | NEW | --- | Integrity of image content | 2015-01-05 | 2015-01-07 |
27747 | WebAppsS | Subresou | fbraun | NEW | --- | Integrity of font content | 2015-01-05 | 2018-08-16 |
27748 | WebAppsS | Subresou | mkwst | NEW | --- | Value of @integrity attribute not sufficiently prescriptive | 2015-01-05 | 2015-01-08 |
28620 | WebAppsS | UISecuri | oner_basut | RESO | INVA | vbvcb | 2015-05-09 | 2015-05-10 |
28861 | WebAppsS | CORS | annevk | NEW | --- | Section 6.2 Preflight Request, step 10, second note: "Access-Control-Allow-Headers" instead of "Access-Control-Request-Headers" | 2015-06-28 | 2015-07-01 |
30087 | WebAppsS | UISecuri | hillbrad | NEW | --- | yun95@yahoo.com | 2017-04-13 | 2017-04-13 |
30088 | WebAppsS | UISecuri | hillbrad | NEW | --- | yun95@yahoo.com | 2017-04-13 | 2017-12-04 |
30212 | WebAppsS | UISecuri | hillbrad | NEW | --- | jf | 2017-12-22 | 2017-12-22 |
30273 | WebAppsS | UISecuri | hillbrad | NEW | --- | gmail.com | 2018-07-04 | 2018-07-04 |