sc0ttbeardsley/webappsec

Web Application Security Working Group

• Mailing list archive: http://lists.w3.org/Archives/Public/public-webappsec/
• Website: http://www.w3.org/2011/webappsec/
• Tracker: http://www.w3.org/2011/webappsec/track/
• Bugzilla: http://www.w3.org/Bugs/Public/describecomponents.cgi?product=WebAppsSec

Specifications

• Content Security Policy

  • Editor's draft:
    • https://w3c.github.io/webappsec/specs/content-security-policy/
    • Source: https://github.com/w3c/webappsec/tree/master/specs/content-security-policy/
  • Level 1:
    • Candidate Recommendation: http://w3.org/TR/CSP
  • Level 2:
    • Last Call Working Draft: http://w3.org/TR/CSP2
    • Editors' Draft: https://w3c.github.io/webappsec/specs/CSP2/

• Credential Management:

  • Editor's draft: https://w3c.github.io/webappsec/specs/credentialmanagement/
    • Source: https://github.com/w3c/webappsec/tree/master/specs/credentialmanagement/
  • Use Cases: https://w3c.github.io/webappsec/usecases/credentialmanagement/

• Mixed Content (LAST CALL):

  • Editor's Draft: https://w3c.github.io/webappsec/specs/mixedcontent/
  • Last Call Working Draft: http://w3.org/TR/mixed-content
  • Source: https://github.com/w3c/webappsec/tree/master/specs/mixedcontent

• Referrer Policy

  • Editor's Draft: https://w3c.github.io/webappsec/specs/referrer-policy/
  • Working Draft: http://w3.org/TR/referrer-policy
  • Source: https://github.com/w3c/webappsec/tree/master/specs/referrer-policy

• Subresource Integrity

  • Editor's Draft: https://w3c.github.io/webappsec/specs/subresourceintegrity/
  • Working Draft: http://w3.org/TR/SRI
  • Source: https://github.com/w3c/webappsec/tree/master/specs/subresourceintegrity

• Powerful Features

  • Editor's Draft: https://w3c.github.io/webappsec/specs/powerfulfeatures/
  • Working Draft: http://www.w3.org/TR/powerful-features/
  • Source: https://github.com/w3c/webappsec/blob/master/specs/powerfulfeatures