- From: Arthur Barstow <art.barstow@nokia.com>
- Date: Thu, 9 Oct 2008 13:59:27 -0400
- To: public-webapps <public-webapps@w3.org>
The following issues were created during the July 1-2 f2f meeting (minutes at [1], [2], respectively). Would someone that attended that meeting please elaborate these issues? In particular, has the Issue been addressed and thus can be proposed to be Closed? -Regards, Art Barstow [1] <http://www.w3.org/2008/07/01-wam-minutes.html> [2] <http://www.w3.org/2008/07/02-wam-minutes.html> * ISSUE-25 - Revocation of cached access grants http://www.w3.org/2008/webapps/track/issues/25 * ISSUE-26 Wildcarding is currently possible together with cookies which could result in exploitable servers. http://www.w3.org/2008/webapps/track/issues/26 * ISSUE-29 Should Access-control allow DNS binding defense? http://www.w3.org/2008/webapps/track/issues/29 * ISSUE-30 Should spec have wording to recognise that User Agents may implement further security beyond the spec? http://www.w3.org/2008/webapps/track/issues/30 * ISSUE-31 Allow POST without a preflight with headers in a whitelist http://www.w3.org/2008/webapps/track/issues/31 * ISSUE-32 Each redirect step needs to opt in to AC in order to avoid data leaking http://www.w3.org/2008/webapps/track/issues/32
Received on Thursday, 9 October 2008 18:00:21 UTC