Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / w3c/security-review issues and pull requests

#231 - Include details of SVG-as-Image and Canvas origin-clean

Issue - State: open - Opened by w3cbot 11 days ago
Labels: tracker, pending, s:html

#230 - FYI Private State Token API Permissions Policy Default Allowlist Wildcard

Issue - State: open - Opened by w3cbot 24 days ago
Labels: tracker, pending, s:trust-token-api

#229 - [mediaqueries-5] Prefers-* Media Features Security and Privacy odd wording

Issue - State: open - Opened by w3cbot 25 days ago
Labels: tracker, pending, wg:css, s:mediaqueries

#228 - Ideas for writing up security considerations

Issue - State: open - Opened by w3cbot 26 days ago
Labels: needs-resolution, pending, close?, s:wcag2ict, wg:ag

#227 - Security and Privacy Self-review

Issue - State: open - Opened by w3cbot about 2 months ago
Labels: tracker, pending, wg:das, s:vibration

#226 - Security self-review answers for 9 July 2024 WD of IFT

Issue - State: open - Opened by w3cbot 2 months ago
Labels: tracker, pending, s:ift, wg:webfonts

#225 - Security considerations: Malware in `eXIf`

Issue - State: closed - Opened by w3cbot 3 months ago - 1 comment
Labels: tracker, pending, close?, wg:png, s:png

#224 - Security considerations: malicious data after `IEND`

Issue - State: closed - Opened by w3cbot 3 months ago - 1 comment
Labels: tracker, pending, close?, wg:png, s:png

#223 - [wg/rdf-star] RDF-star Group Charter

Issue - State: open - Opened by w3cbot 4 months ago
Labels: tracker, pending, s:html

#222 - How to specify desired accuracy / resolution of data?

Issue - State: open - Opened by w3cbot 4 months ago
Labels: tracker, s:geolocation, pending, wg:das

#221 - Data portability threat model, mitigations

Issue - State: open - Opened by w3cbot 4 months ago
Labels: tracker, pending, close?

#219 - Responses to the Security and Privacy Self-Review questionaire

Issue - State: open - Opened by w3cbot 5 months ago
Labels: tracker, pending, close?, s:html-ruby-extensions, wg:htmlwg

#218 - joint work on rights-respecting digital credentials

Issue - State: open - Opened by w3cbot 5 months ago
Labels: tracker, pending, s:html

#217 - Local Peer-to-Peer API

Issue - State: open - Opened by w3cbot 6 months ago
Labels: tracker, pending

#216 - Adds Digital Credentials from WICG

Issue - State: closed - Opened by w3cbot 7 months ago - 1 comment
Labels: tracker, pending, close?, s:wasm-core

#215 - Should showPicker() consume user activation?

Issue - State: open - Opened by w3cbot 8 months ago
Labels: tracker, pending, close?, s:html, whatwg

#214 - Implement dangling markup injection mitigation

Issue - State: open - Opened by w3cbot 9 months ago
Labels: tracker, pending, s:html, whatwg

#213 - Security and Privacy Self Review

Issue - State: open - Opened by w3cbot 10 months ago
Labels: tracker, pending, s:vc-di-bbs

#212 - Interactions of Content-Disposition with CSP-FA/XFO and Status Codes

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, s:html

#212 - Interactions of Content-Disposition with CSP-FA/XFO and Status Codes

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, s:html, whatwg

#211 - Which status codes are allowed for various tags such as script, video, audio?

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, s:html

#211 - Which status codes are allowed for various tags such as script, video, audio?

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, s:html, whatwg

#210 - Highlight security/privacy trade-offs between RDF-CANON and JCS

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: needs-resolution, pending, s:vc-di-eddsa

#210 - Highlight security/privacy trade-offs between RDF-CANON and JCS

Issue - State: closed - Opened by w3cbot about 1 year ago - 1 comment
Labels: needs-resolution, pending, close?, s:vc-data-integrity

#209 - Highlight security/privacy trade-offs between RDF-CANON and JCS

Issue - State: closed - Opened by w3cbot about 1 year ago - 1 comment
Labels: needs-resolution, pending, close?, s:vc-data-integrity, wg:vc

#209 - Highlight security/privacy trade-offs between RDF-CANON and JCS

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: needs-resolution, pending

#208 - Add Security Consideration to avoid key reuse

Issue - State: closed - Opened by w3cbot about 1 year ago - 1 comment
Labels: tracker, pending, close?, s:vc-data-integrity

#208 - Add Security Consideration to avoid key reuse

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: needs-resolution, pending

#207 - Security and Privacy Self-Review Questionnaire

Issue - State: closed - Opened by w3cbot about 1 year ago - 1 comment
Labels: needs-resolution, pending, close?, s:vc-jose-cose, wg:vc

#206 - Security and Privacy Self-Review Questionnaire

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, close?, s:vc-jose-cose

#205 - Add an algorithm for setting the agent certificate serial number

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, s:openscreenprotocol, pending, close?, wg:secondscreen

#204 - Update for SPAKE2

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, s:openscreenprotocol, pending

#204 - Update for SPAKE2

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, s:openscreenprotocol, pending, close?, wg:secondscreen

#203 - Simplify TLS requirements so we don't have to recommend algorithms.

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, s:openscreenprotocol, pending, close?

#202 - Define the agent fingerprint as the SPKI.

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, s:openscreenprotocol, pending

#202 - Define the agent fingerprint as the SPKI.

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, s:openscreenprotocol, pending, close?, wg:secondscreen

#201 - Phantomrwcwride2Zero

Issue - State: open - Opened by PhantomRwcwride2Zero about 1 year ago

#201 - Phantomrwcwride2Zero

Issue - State: open - Opened by PhantomRwcwride2Zero about 1 year ago

#200 - Web Application Security WG 2023

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, close?, s:html

#199 - Web Identity Credential Working Group Charter

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, s:html

#199 - Web Identity Credential Working Group Charter

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, close?, s:html

#198 - Encourage the use of OHTTP

Issue - State: closed - Opened by w3cbot about 1 year ago - 1 comment
Labels: needs-resolution, pending, s:vc-data-model, close?, wg:vc

#197 - Encourage the use of OHTTP

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, s:vc-data-model, close?

#196 - Point Privacy and Security Considerations section back to Data Integrity

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, close?, s:vc-di-eddsa

#195 - Highlight security/privacy trade-offs between RDF-CANON and JCS

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, close?, s:vc-di-eddsa

#194 - Add reference back to VC Data Model Security and Privacy Considerations sections

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, close?, s:vc-data-integrity

#194 - Add reference back to VC Data Model Security and Privacy Considerations sections

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, close?, s:vc-data-integrity

#193 - Add Security Consideration to avoid key reuse

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, s:vc-data-model, close?

#192 - Add normative guidance that @context files SHOULD be cached

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, close?, s:vc-data-integrity

#191 - Add normative guidance that Deterministic signatures SHOULD be used

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: needs-resolution, pending, close?

#190 - Point Privacy and Security Considerations section back to Data Integrity

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: needs-resolution, pending, close?

#189 - Highlight security/privacy trade-offs between RDF-CANON and JCS

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: needs-resolution, pending, close?

#189 - Highlight security/privacy trade-offs between RDF-CANON and JCS

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: needs-resolution, pending, close?

#188 - Strengthening Trust Boundaries for Holder Software in Verifiable Credential Processing

Issue - State: closed - Opened by w3cbot about 1 year ago - 1 comment
Labels: needs-resolution, pending, s:vc-data-model, close?, wg:vc

#187 - Strengthening Trust Boundaries for Holder Software in Verifiable Credential Processing

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, s:vc-data-model, close?

#186 - Addressing Verifier Stored Data Vulnerabilities and Legal Compliance

Issue - State: closed - Opened by w3cbot about 1 year ago - 1 comment
Labels: needs-resolution, pending, s:vc-data-model, close?, wg:vc

#185 - Addressing Verifier Stored Data Vulnerabilities and Legal Compliance

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, s:vc-data-model, close?

#184 - Security and Privacy Self-Review Questionnaire

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, close?, s:vc-data-integrity, wg:vc

#183 - Security: fetch event in service worker can bypass the limitation of extension's CSP

Issue - State: open - Opened by w3cbot about 1 year ago
Labels: tracker, pending, s:webextensions

#182 - Security and Privacy Self-Review Questionnaire

Issue - State: open - Opened by w3cbot over 1 year ago
Labels: tracker, pending, s:vc-data-model, close?

#182 - Security and Privacy Self-Review Questionnaire

Issue - State: open - Opened by w3cbot over 1 year ago
Labels: tracker, pending, s:vc-data-model, close?

#181 - HTTPS Upgrades

Issue - State: open - Opened by w3cbot over 1 year ago
Labels: tracker, pending, close?

#180 - RDF Canonicalization

Issue - State: open - Opened by w3cbot over 1 year ago
Labels: tracker, pending, close?

#179 - Repeat fingerprinting analysis assuming a malicious font server

Issue - State: open - Opened by w3cbot over 1 year ago
Labels: tracker, pending, close?, s:ift

#179 - Repeat fingerprinting analysis assuming a malicious font server

Issue - State: open - Opened by w3cbot over 1 year ago
Labels: tracker, pending, close?, s:ift

#178 - "sideloading" and "untrustworthy" references are unclear given lack of authentication and integrity

Issue - State: open - Opened by w3cbot over 1 year ago
Labels: tracker, pending, close?

#178 - "sideloading" and "untrustworthy" references are unclear given lack of authentication and integrity

Issue - State: open - Opened by w3cbot over 1 year ago
Labels: tracker, pending, close?

#177 - Add some security considerations for sites using this API

Issue - State: closed - Opened by w3cbot over 1 year ago - 1 comment
Labels: needs-resolution, pending

#176 - security considerations regarding use of platform accessibility apis for accessing user data

Issue - State: open - Opened by w3cbot almost 2 years ago
Labels: tracker, pending, close?, s:core-aam

#176 - security considerations regarding use of platform accessibility apis for accessing user data

Issue - State: open - Opened by w3cbot almost 2 years ago
Labels: tracker, pending, close?, s:core-aam

#175 - VISS core: what is a pseudo-VIN

Issue - State: open - Opened by w3cbot almost 2 years ago
Labels: needs-resolution, pending, close?, s:viss-core

#175 - VISS core: what is a pseudo-VIN

Issue - State: open - Opened by w3cbot almost 2 years ago
Labels: needs-resolution, pending, close?, s:viss-core

#174 - VISS Core: why is access control non-normative?

Issue - State: open - Opened by w3cbot almost 2 years ago
Labels: needs-resolution, pending, close?, s:viss-core

#173 - VISS Core: "certified" applications?

Issue - State: open - Opened by w3cbot almost 2 years ago
Labels: needs-resolution, pending, close?, s:viss-core

#173 - VISS Core: "certified" applications?

Issue - State: open - Opened by w3cbot almost 2 years ago
Labels: needs-resolution, pending, close?, s:viss-core

#172 - More architectural description

Issue - State: open - Opened by w3cbot almost 2 years ago
Labels: needs-resolution, pending, s:viss-core

#172 - More architectural description

Issue - State: open - Opened by w3cbot almost 2 years ago
Labels: needs-resolution, pending, s:viss-core

#171 - Add in-line privacy and security considerations to VISS transport

Issue - State: open - Opened by w3cbot almost 2 years ago
Labels: needs-resolution, pending, s:viss-core

#170 - Private State Tokens (formerly Trust Tokens)

Issue - State: open - Opened by w3cbot almost 2 years ago
Labels: tracker, pending, close?

#169 - COOP: restrict-properties early review

Issue - State: open - Opened by w3cbot about 2 years ago - 1 comment
Labels: tracker, pending

#169 - COOP: restrict-properties early review

Issue - State: open - Opened by w3cbot about 2 years ago - 1 comment
Labels: tracker, pending, close?

#168 - Security considerations: Malware in `eXIf`

Issue - State: open - Opened by w3cbot about 2 years ago
Labels: tracker, pending, close?

#168 - Security considerations: Malware in `eXIf`

Issue - State: open - Opened by w3cbot about 2 years ago
Labels: tracker, pending, close?

#167 - Security considerations: malicious data after `IEND`

Issue - State: open - Opened by w3cbot about 2 years ago
Labels: tracker, pending, close?

#167 - Security considerations: malicious data after `IEND`

Issue - State: open - Opened by w3cbot about 2 years ago
Labels: tracker, pending, close?

#166 - Framebust out of webviews

Issue - State: open - Opened by w3cbot about 2 years ago
Labels: tracker, pending, s:html

#166 - Framebust out of webviews

Issue - State: open - Opened by w3cbot about 2 years ago
Labels: tracker, pending, s:html

#165 - authenticity and integrity of dcat files and associated datasets

Issue - State: open - Opened by w3cbot about 2 years ago
Labels: needs-resolution, pending, s:vocab-dcat

#164 - COEP reflection

Issue - State: open - Opened by w3cbot over 2 years ago
Labels: tracker, pending, close?

#164 - COEP reflection

Issue - State: open - Opened by w3cbot over 2 years ago
Labels: tracker, pending, close?

#163 - Privacy and security changes

Issue - State: open - Opened by w3cbot over 2 years ago
Labels: tracker, pending, close?

#163 - Privacy and security changes

Issue - State: open - Opened by w3cbot over 2 years ago
Labels: tracker, pending, close?

#162 - Add responses to the Self-Review Questionnaire: Security and Privacy

Issue - State: open - Opened by w3cbot over 2 years ago
Labels: tracker, pending, close?, s:webnn

#161 - Add initial Security and Privacy Considerations sections

Issue - State: open - Opened by w3cbot over 2 years ago
Labels: tracker, pending, close?, s:webnn

#160 - security and privacy self review check list

Issue - State: open - Opened by w3cbot over 2 years ago
Labels: tracker, pending

#160 - security and privacy self review check list

Issue - State: open - Opened by w3cbot over 2 years ago
Labels: tracker, pending

#159 - Privacy and Security Considerations section review for Personalization Semantics Content

Issue - State: closed - Opened by w3cbot over 2 years ago - 1 comment
Labels: tracker, pending, wg:apa

#158 - Define opaque-response blocking

Issue - State: open - Opened by w3cbot over 2 years ago
Labels: tracker, pending, s:fetch, whatwg

#158 - Define opaque-response blocking

Issue - State: open - Opened by w3cbot over 2 years ago
Labels: tracker, pending, s:fetch, whatwg

#157 - External resources should be loaded securely

Issue - State: closed - Opened by w3cbot over 2 years ago - 2 comments
Labels: needs-resolution, pending, close?, wg:epub, wg:pm