Main Page: Difference between revisions
| Line 12: | Line 12: | ||
===Specs=== | ===Specs=== | ||
Wiki pages containing information about these specifications: | |||
* [[Content Security Policy]] ([http://www.w3.org/2011/webappsec/ webappsec]); use the [http://lists.w3.org/Archives/Public/public-web-security/ public-web-security@w3.org] mailing list for discussion. | * [[Content Security Policy]] ([http://www.w3.org/2011/webappsec/ webappsec]); use the [http://lists.w3.org/Archives/Public/public-web-security/ public-web-security@w3.org] mailing list for discussion. | ||
Revision as of 09:22, 3 November 2011
Web Security Wiki
Improving standards and implementations to advance the security of the Web.
This wiki is open for contributions by all with a W3C account. For discussions, please refer to the public-web-security mailing list.
- request a Member account (use if you work for a W3C member company)
- request a Public account (use otherwise)
- password mailback
Specs to review, groups to watch
Specs
Wiki pages containing information about these specifications:
- Content Security Policy (webappsec); use the public-web-security@w3.org mailing list for discussion.
- XMLHttpRequest (webapps)
- CORS and Uniform Messaging Policy (webappsec); use the public-web-security@w3.org mail list for related discussions
- HTML5 (html)
- Websockets (webapps)
Groups
Related Groups to Liaise With
Ongoing issues
- Trusted User Interface
- Same Origin Policy and Same Origin Policy by Adam Barth
- Cross Site Attacks
- Comparison of CORS and UMP (Work in progress)
Perhaps this wiki would be handy for thinking thru some security patterns the TAG is discussing under ISSUE-31 (metadatainURI-31)...
- Ungessable URI, Web Key, Email Confirmation
- Passwords In The Clear (maybe not worth bothering; the finding is done, I think)