Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / WebAssembly/content-security-policy issues and pull requests

#43 - Progress to phase 4

Issue - State: open - Opened by eqrion almost 2 years ago

#42 - No progressive enhancement for unsafe-eval

Issue - State: open - Opened by niklasf over 2 years ago

#41 - Curfuffle

Pull Request - State: closed - Opened by fgmccabe almost 3 years ago

#40 - Add js-api file back in

Pull Request - State: closed - Opened by fgmccabe over 3 years ago

#39 - Merge upstream changes to repo

Pull Request - State: closed - Opened by fgmccabe over 3 years ago

#38 - Meta: rename default branch to main

Issue - State: closed - Opened by annevk over 3 years ago - 2 comments

#37 - Fine-grained Wasm execution policies

Issue - State: open - Opened by guybedford over 3 years ago - 17 comments

#36 - Remove reference to Response CSP policy algorithm

Pull Request - State: closed - Opened by fgmccabe over 3 years ago

#35 - Small tweak

Pull Request - State: closed - Opened by fgmccabe over 3 years ago

#33 - Removed text relating to extending script-src to include wasm

Pull Request - State: closed - Opened by fgmccabe over 3 years ago - 5 comments

#32 - Refactored explainer to use regular script-src for streaming

Pull Request - State: closed - Opened by fgmccabe over 3 years ago

#31 - Revised and simplified note

Pull Request - State: closed - Opened by fgmccabe almost 4 years ago

#31 - Revised and simplified note

Pull Request - State: closed - Opened by fgmccabe almost 4 years ago

#30 - Behavior of Current Implementations section of proposal appears out of date?

Issue - State: closed - Opened by whereisaaron almost 4 years ago - 2 comments

#29 - self-contradictory CSP error message

Issue - State: closed - Opened by thjttk about 4 years ago - 2 comments

#28 - New Champion for this proposal needed

Issue - State: closed - Opened by titzer about 4 years ago - 3 comments

#27 - Consider security drawbacks to requiring unsafe-eval for WebAssembly

Issue - State: closed - Opened by hackcasual over 4 years ago - 5 comments

#26 - 'wasm-unsafe-eval' fallback for non-compatible browsers

Issue - State: closed - Opened by lweichselbaum about 5 years ago - 2 comments

#24 - fix typo

Pull Request - State: closed - Opened by technohippy over 5 years ago - 1 comment

#23 - Extension Permision

Issue - State: closed - Opened by marian-tatarau about 6 years ago - 1 comment

#21 - Rework final table for clarity

Pull Request - State: closed - Opened by titzer over 6 years ago

#20 - Always allow WebAssembly.validate()

Pull Request - State: closed - Opened by titzer over 6 years ago - 1 comment

#19 - WebAssembly.validate() shouldn't be blocked by CSP

Issue - State: closed - Opened by lukewagner over 6 years ago - 3 comments

#18 - Remove reference to mimetype hardening

Pull Request - State: closed - Opened by titzer over 6 years ago

#17 - Rename 'wasm-eval' to 'wasm-unsafe-eval'

Pull Request - State: closed - Opened by titzer over 6 years ago - 1 comment

#16 - Summarize API behavior and threats relative to CSP

Pull Request - State: closed - Opened by titzer over 6 years ago - 14 comments

#15 - Why not unsafe-wasm-eval?

Issue - State: closed - Opened by annevk over 6 years ago - 3 comments

#14 - new WebAssembly.Instance() is always allowed, right?

Issue - State: closed - Opened by lukewagner almost 7 years ago - 13 comments

#13 - Add hooks for CSP

Pull Request - State: closed - Opened by eholk almost 7 years ago - 19 comments

#12 - Pull in latest changes from WebAssembly/spec repo

Pull Request - State: closed - Opened by eholk almost 7 years ago

#11 - Reference other precedents for threat model

Issue - State: closed - Opened by eholk almost 7 years ago

#10 - Summarize API behavior and threats relative to CSP

Pull Request - State: closed - Opened by eholk almost 7 years ago - 1 comment

#9 - Should `WebAssembly.Module` carry origin information?

Issue - State: closed - Opened by eholk almost 7 years ago - 11 comments

#8 - Adding WebAssembly.compile and WebAssembly.instantiate to CSP

Issue - State: closed - Opened by alpertron about 7 years ago - 10 comments

#7 - No way to use WebAssembly on Chrome without 'unsafe-eval'

Issue - State: closed - Opened by hackcasual about 7 years ago - 50 comments

#6 - Provide background on CSP threat model and use cases

Pull Request - State: closed - Opened by eholk about 7 years ago - 2 comments

#5 - Exit Criteria -- What is the goal of this proposal?

Issue - State: closed - Opened by eholk about 7 years ago - 9 comments

#4 - Response.url will be "hardened"

Issue - State: closed - Opened by annevk over 7 years ago - 3 comments

#3 - mimeTypeWasm will be added to Response

Issue - State: closed - Opened by annevk over 7 years ago - 3 comments

#2 - Clarify distintion between unsafe-eval and wasm-eval

Issue - State: closed - Opened by pauljt over 7 years ago - 3 comments

#1 - Document CSP Threat Model

Issue - State: closed - Opened by eholk over 7 years ago - 12 comments