Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / w3c/webappsec-cspee issues and pull requests

#29 - Add Trusted Types support to CSP Embedded Enforcement

Pull Request - State: open - Opened by shhnjk 7 months ago - 2 comments

#28 - Remove same-origin blanket enforcement

Pull Request - State: closed - Opened by shhnjk about 1 year ago - 3 comments

#26 - Buggy behavior with multiple nested frames

Issue - State: closed - Opened by antosart about 2 years ago - 16 comments

#25 - Fix the Participate self-links

Pull Request - State: closed - Opened by jyasskin over 2 years ago

#24 - Editor's draft not getting autoupdated

Issue - State: open - Opened by jyasskin over 2 years ago

#23 - Add Antonio Sartori as editor

Pull Request - State: closed - Opened by antosart over 2 years ago

#22 - Limit length of 'csp' attribute

Issue - State: open - Opened by antosart about 3 years ago - 9 comments

#21 - Limit length of CSP attribute

Pull Request - State: open - Opened by antosart about 3 years ago - 1 comment

#20 - Fix typo

Pull Request - State: closed - Opened by ericlaw1979 over 3 years ago - 1 comment

#19 - Status of CSPEE spec? Implementor interest?

Issue - State: open - Opened by sideshowbarker over 3 years ago - 4 comments

#18 - Fix source list intersection algorithm

Pull Request - State: closed - Opened by antosart about 4 years ago

#17 - Rewrite source expression intersection without using similarity

Pull Request - State: open - Opened by antosart about 4 years ago - 1 comment

#16 - Meaning of 'self' in csp attribute

Issue - State: open - Opened by antosart about 4 years ago

#15 - Fix example of non-similar CSP sources with different ports

Pull Request - State: open - Opened by antosart about 4 years ago

#14 - Wildcard hosts and CSP source intersection

Issue - State: open - Opened by antosart about 4 years ago

#13 - Fix examples involving wildcard host matching.

Pull Request - State: open - Opened by antosart over 4 years ago

#12 - Should we restrict CSPEE to secure schemes?

Issue - State: open - Opened by antosart over 4 years ago

#11 - Cancel navigation on invalid required CSP attribute

Pull Request - State: open - Opened by antosart over 4 years ago - 1 comment

#10 - Should file and filesystem schemes allow blanket enforcement?

Issue - State: open - Opened by antosart over 4 years ago - 1 comment

#9 - Fix subsume-source-expressions algorithm

Pull Request - State: open - Opened by antosart over 4 years ago

#8 - Sites should be able to specify a default required CSP

Issue - State: open - Opened by michael-oneill almost 6 years ago - 3 comments

#7 - Embedded: Think about the implications of allowing injected `csp` with reporting.

Issue - State: open - Opened by mikewest almost 6 years ago
Labels: EMBEDDED

#6 - Embedded Enforcement: Invalid required csp attribute on iframe

Issue - State: open - Opened by mikewest almost 6 years ago
Labels: EMBEDDED

#5 - Clarify what is the threat model for embedded enforcement

Issue - State: open - Opened by mikewest almost 6 years ago
Labels: EMBEDDED

#4 - Embedded: consider other contexts other than iframe

Issue - State: open - Opened by mikewest almost 6 years ago - 3 comments
Labels: EMBEDDED

#3 - Embedding-CSP header

Issue - State: open - Opened by mikewest almost 6 years ago - 11 comments
Labels: EMBEDDED, CSP

#3 - Embedding-CSP header

Issue - State: open - Opened by mikewest almost 6 years ago - 11 comments
Labels: EMBEDDED, CSP

#1 - How is CSPEE recursive?

Issue - State: open - Opened by mikewest almost 6 years ago - 6 comments

#1 - How is CSPEE recursive?

Issue - State: open - Opened by mikewest almost 6 years ago - 6 comments