-
We haven't quite explained how the HTTP cache sits in the browser. Some browsers have it double-keyed, some browsers key credentialed and non-credentialed differently because of CORS, ...
All brows…
-
The flat space of repositories for each organization for not allow one to put groups of similar or related repos together. This makes navigation and use of github in general a pain as you have a lo…
timbl updated
9 years ago
-
When requests on the website are redirected, the domain to which the request is redirected is blocked because it is not included in the connect-src whitelist. However, the CSP report shows the blocked…
-
## Request for Mozilla Position on an Emerging Web Specification
* Specification Title: W3C Draft: Content Security Policy: Embedded Enforcement
* Specification or proposal URL: https://w3c.github…
-
# Document title, URLs, estimated publication date
**Title**: Post-Spectre Web Development
**URL**: https://w3c.github.io/webappsec-post-spectre-webdev/fpwd.html
**Date**: Soon?
# Abstract
…
-
### Session description
We will share and discuss progress on the [Cookie Layering](https://github.com/httpwg/http-extensions/issues/2084) effort, our new [Cookies Internet Draft](https://github.com/…
-
When we were first discussing sub-resource integrity verifying downloads was one of the original desires. It got booted from the "MVP" early on (I can't remember why) and didn't get carried over from …
-
## TL;DR:
The navigation delegate is called several different times on iOS versus Android, which may make custom navigation handler difficult to maintain. The solution would be to rely on `isForMai…
-
# Document title, URLs, estimated publication date
Resource Timing Level 1
https://www.w3.org/TR/2017/PR-resource-timing-1-20170110/
10 January 2017
# Abstract
This specification defines an int…
-
Is `file:` protocol considered a secure context? Is reading and writing to the user filesystem at `file:` protocol considered to be any less "secure" than JavaScript code a web site reading and writin…