Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / w3c/webappsec-cspee issues and pull requests
#29 - Add Trusted Types support to CSP Embedded Enforcement
Pull Request -
State: open - Opened by shhnjk 7 months ago
- 2 comments
#28 - Remove same-origin blanket enforcement
Pull Request -
State: closed - Opened by shhnjk about 1 year ago
- 3 comments
#27 - Broken references in Content Security Policy: Embedded Enforcement
Issue -
State: open - Opened by dontcallmedom-bot almost 2 years ago
#26 - Buggy behavior with multiple nested frames
Issue -
State: closed - Opened by antosart about 2 years ago
- 16 comments
#25 - Fix the Participate self-links
Pull Request -
State: closed - Opened by jyasskin over 2 years ago
#24 - Editor's draft not getting autoupdated
Issue -
State: open - Opened by jyasskin over 2 years ago
#23 - Add Antonio Sartori as editor
Pull Request -
State: closed - Opened by antosart over 2 years ago
#22 - Limit length of 'csp' attribute
Issue -
State: open - Opened by antosart about 3 years ago
- 9 comments
#21 - Limit length of CSP attribute
Pull Request -
State: open - Opened by antosart about 3 years ago
- 1 comment
#20 - Fix typo
Pull Request -
State: closed - Opened by ericlaw1979 over 3 years ago
- 1 comment
#19 - Status of CSPEE spec? Implementor interest?
Issue -
State: open - Opened by sideshowbarker over 3 years ago
- 4 comments
#18 - Fix source list intersection algorithm
Pull Request -
State: closed - Opened by antosart about 4 years ago
#17 - Rewrite source expression intersection without using similarity
Pull Request -
State: open - Opened by antosart about 4 years ago
- 1 comment
#16 - Meaning of 'self' in csp attribute
Issue -
State: open - Opened by antosart about 4 years ago
#15 - Fix example of non-similar CSP sources with different ports
Pull Request -
State: open - Opened by antosart about 4 years ago
#14 - Wildcard hosts and CSP source intersection
Issue -
State: open - Opened by antosart about 4 years ago
#13 - Fix examples involving wildcard host matching.
Pull Request -
State: open - Opened by antosart over 4 years ago
#12 - Should we restrict CSPEE to secure schemes?
Issue -
State: open - Opened by antosart over 4 years ago
#11 - Cancel navigation on invalid required CSP attribute
Pull Request -
State: open - Opened by antosart over 4 years ago
- 1 comment
#10 - Should file and filesystem schemes allow blanket enforcement?
Issue -
State: open - Opened by antosart over 4 years ago
- 1 comment
#9 - Fix subsume-source-expressions algorithm
Pull Request -
State: open - Opened by antosart over 4 years ago
#8 - Sites should be able to specify a default required CSP
Issue -
State: open - Opened by michael-oneill almost 6 years ago
- 3 comments
#7 - Embedded: Think about the implications of allowing injected `csp` with reporting.
Issue -
State: open - Opened by mikewest almost 6 years ago
Labels: EMBEDDED
#6 - Embedded Enforcement: Invalid required csp attribute on iframe
Issue -
State: open - Opened by mikewest almost 6 years ago
Labels: EMBEDDED
#5 - Clarify what is the threat model for embedded enforcement
Issue -
State: open - Opened by mikewest almost 6 years ago
Labels: EMBEDDED
#4 - Embedded: consider other contexts other than iframe
Issue -
State: open - Opened by mikewest almost 6 years ago
- 3 comments
Labels: EMBEDDED
#3 - Embedding-CSP header
Issue -
State: open - Opened by mikewest almost 6 years ago
- 11 comments
Labels: EMBEDDED, CSP
#3 - Embedding-CSP header
Issue -
State: open - Opened by mikewest almost 6 years ago
- 11 comments
Labels: EMBEDDED, CSP
#2 - Embedded: make clear that servers MUST respond with a CSP or Allow-CSP-From header, <meta> CSP's are not allowed.
Issue -
State: open - Opened by mikewest almost 6 years ago
- 2 comments
Labels: EMBEDDED
#1 - How is CSPEE recursive?
Issue -
State: open - Opened by mikewest almost 6 years ago
- 6 comments
#1 - How is CSPEE recursive?
Issue -
State: open - Opened by mikewest almost 6 years ago
- 6 comments