- From: W3C Webmaster via GitHub API <sysbot+gh@w3.org>
- Date: Mon, 29 Jan 2018 17:00:13 +0000
- To: public-webappsec@w3.org
- Message-Id: <E1egCmz-0002zM-9R@uranus.w3.org>
Issues
------
* w3c/webappsec-subresource-integrity (+0/-0/💬4)
1 issues received 4 new comments:
- #26 Extend SRI to apply to <link rel=preload> (4 by jyasskin, annevk, mikewest, guybedford)
https://github.com/w3c/webappsec-subresource-integrity/issues/26
* w3c/webappsec-csp (+0/-1/💬3)
2 issues received 3 new comments:
- #289 CSP vulnerability enabling cross-origin session data exfiltration (2 by albinowax, eligrey)
https://github.com/w3c/webappsec-csp/issues/289
- #8 CSP: form-action and redirects (1 by Changaco)
https://github.com/w3c/webappsec-csp/issues/8
1 issues closed:
- CSP vulnerability enabling cross-origin session data exfiltration https://github.com/w3c/webappsec-csp/issues/289
Pull requests
-------------
* w3c/webappsec-csp (+1/-0/💬2)
1 pull requests submitted:
- The `navigation-to` directive (by andypaicu)
https://github.com/w3c/webappsec-csp/pull/290
2 pull requests received 2 new comments:
- #290 The `navigation-to` directive (1 by annevk)
https://github.com/w3c/webappsec-csp/pull/290
- #287 Introduce 'webrtc-src'. (1 by alvestrand)
https://github.com/w3c/webappsec-csp/pull/287
Repositories tracked by this digest:
-----------------------------------
* https://github.com/w3c/webappsec
* https://github.com/w3c/webappsec-subresource-integrity
* https://github.com/w3c/webappsec-csp
* https://github.com/w3c/webappsec-mixed-content
* https://github.com/w3c/webappsec-upgrade-insecure-requests
* https://github.com/w3c/webappsec-credential-management
* https://github.com/w3c/permissions
* https://github.com/w3c/webappsec-referrer-policy
* https://github.com/w3c/webappsec-secure-contexts
* https://github.com/w3c/webappsec-clear-site-data
* https://github.com/w3c/webappsec-cowl
* https://github.com/w3c/webappsec-epr
* https://github.com/w3c/webappsec-suborigins
Received on Monday, 29 January 2018 17:00:15 UTC