Skip to content

Issues: w3c/security-review

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort

Issues list

Put text about fingerprinting in the Security Considerations Section to point one in privacy considerations close? needs-resolution Security expects this item to be resolved to their satisfaction. pending Issue created by the tracker tool and may need to be refined s:device-posture https://w3c.github.io/device-posture/ wg:das https://www.w3.org/groups/wg/das
#239 opened Nov 18, 2024 by w3cbot
Structuring the security considerations section needs-resolution Security expects this item to be resolved to their satisfaction. pending Issue created by the tracker tool and may need to be refined s:vibration missing link wg:das https://www.w3.org/groups/wg/das
#238 opened Oct 31, 2024 by w3cbot
Integration with permissions API pending Issue created by the tracker tool and may need to be refined s:vibration missing link tracker Security is following a discussion, but doesn't require resolution. wg:das https://www.w3.org/groups/wg/das
#236 opened Oct 24, 2024 by w3cbot
Document-Isolation-Policy pending Issue created by the tracker tool and may need to be refined s:document-isolation-policy https://wicg.github.io/document-isolation-policy/ tracker Security is following a discussion, but doesn't require resolution.
#235 opened Oct 10, 2024 by w3cbot
Prevent currentScript from being overridden on document via name='' pending Issue created by the tracker tool and may need to be refined s:html https://html.spec.whatwg.org/multipage/ tracker Security is following a discussion, but doesn't require resolution. whatwg https://whatwg.org/
#234 opened Oct 9, 2024 by w3cbot
Self-review of security and privacy questionnaire for 2.0 CR transition cg:webassembly pending Issue created by the tracker tool and may need to be refined s:wasm-core https://webassembly.github.io/spec/core/bikeshed/ tracker Security is following a discussion, but doesn't require resolution.
#233 opened Oct 8, 2024 by w3cbot
Consider adding an [InjectionMitigated] extended attribute. pending Issue created by the tracker tool and may need to be refined s:webidl missing link tracker Security is following a discussion, but doesn't require resolution. whatwg https://whatwg.org/
#232 opened Oct 7, 2024 by w3cbot
Include details of SVG-as-Image and Canvas origin-clean pending Issue created by the tracker tool and may need to be refined s:html https://html.spec.whatwg.org/multipage/ tracker Security is following a discussion, but doesn't require resolution. whatwg https://whatwg.org/
#231 opened Sep 25, 2024 by w3cbot
FYI Private State Token API Permissions Policy Default Allowlist Wildcard close? pending Issue created by the tracker tool and may need to be refined s:trust-token-api https://wicg.github.io/trust-token-api/ tracker Security is following a discussion, but doesn't require resolution.
#230 opened Sep 12, 2024 by w3cbot
[mediaqueries-5] Prefers-* Media Features Security and Privacy odd wording pending Issue created by the tracker tool and may need to be refined s:mediaqueries missing link tracker Security is following a discussion, but doesn't require resolution. wg:css https://www.w3.org/groups/wg/css
#229 opened Sep 11, 2024 by w3cbot
Ideas for writing up security considerations close? needs-resolution Security expects this item to be resolved to their satisfaction. pending Issue created by the tracker tool and may need to be refined s:wcag2ict missing link wg:ag
#228 opened Sep 10, 2024 by w3cbot
Security self-review answers for 9 July 2024 WD of IFT pending Issue created by the tracker tool and may need to be refined s:ift https://w3c.github.io/IFT/Overview.html tracker Security is following a discussion, but doesn't require resolution. wg:webfonts https://www.w3.org/groups/wg/webfonts
#226 opened Jul 24, 2024 by w3cbot
[wg/rdf-star] RDF-star Group Charter pending Issue created by the tracker tool and may need to be refined s:html https://html.spec.whatwg.org/multipage/ tracker Security is following a discussion, but doesn't require resolution.
#223 opened Jun 19, 2024 by w3cbot
How to specify desired accuracy / resolution of data? pending Issue created by the tracker tool and may need to be refined s:geolocation https://w3c.github.io/geolocation-api/ tracker Security is following a discussion, but doesn't require resolution. wg:das https://www.w3.org/groups/wg/das
#222 opened Jun 15, 2024 by w3cbot
Data portability threat model, mitigations close? pending Issue created by the tracker tool and may need to be refined tracker Security is following a discussion, but doesn't require resolution.
#221 opened Jun 1, 2024 by w3cbot
Responses to the Security and Privacy Self-Review questionaire close? pending Issue created by the tracker tool and may need to be refined s:html-ruby-extensions https://w3c.github.io/html-ruby/ tracker Security is following a discussion, but doesn't require resolution. wg:htmlwg
#219 opened May 23, 2024 by w3cbot
joint work on rights-respecting digital credentials pending Issue created by the tracker tool and may need to be refined s:html https://html.spec.whatwg.org/multipage/ tracker Security is following a discussion, but doesn't require resolution.
#218 opened May 18, 2024 by w3cbot
Local Peer-to-Peer API pending Issue created by the tracker tool and may need to be refined tracker Security is following a discussion, but doesn't require resolution.
#217 opened Apr 22, 2024 by w3cbot
Should showPicker() consume user activation? close? pending Issue created by the tracker tool and may need to be refined s:html https://html.spec.whatwg.org/multipage/ tracker Security is following a discussion, but doesn't require resolution. whatwg https://whatwg.org/
#215 opened Jan 25, 2024 by w3cbot
Implement dangling markup injection mitigation pending Issue created by the tracker tool and may need to be refined s:html https://html.spec.whatwg.org/multipage/ tracker Security is following a discussion, but doesn't require resolution. whatwg https://whatwg.org/
#214 opened Jan 24, 2024 by w3cbot
Security and Privacy Self Review pending Issue created by the tracker tool and may need to be refined s:vc-di-bbs missing link tracker Security is following a discussion, but doesn't require resolution. wg:vc https://www.w3.org/groups/wg/vc
#213 opened Dec 16, 2023 by w3cbot
Interactions of Content-Disposition with CSP-FA/XFO and Status Codes pending Issue created by the tracker tool and may need to be refined s:html https://html.spec.whatwg.org/multipage/ tracker Security is following a discussion, but doesn't require resolution. whatwg https://whatwg.org/
#212 opened Sep 26, 2023 by w3cbot
Which status codes are allowed for various tags such as script, video, audio? pending Issue created by the tracker tool and may need to be refined s:html https://html.spec.whatwg.org/multipage/ tracker Security is following a discussion, but doesn't require resolution. whatwg https://whatwg.org/
#211 opened Sep 26, 2023 by w3cbot
Security and Privacy Self-Review Questionnaire close? pending Issue created by the tracker tool and may need to be refined s:vc-jose-cose missing link tracker Security is following a discussion, but doesn't require resolution. wg:vc https://www.w3.org/groups/wg/vc
#206 opened Sep 15, 2023 by w3cbot
Add an algorithm for setting the agent certificate serial number close? pending Issue created by the tracker tool and may need to be refined s:openscreenprotocol https://w3c.github.io/openscreenprotocol/ tracker Security is following a discussion, but doesn't require resolution. wg:secondscreen https://www.w3.org/groups/wg/secondscreen
#205 opened Sep 11, 2023 by w3cbot
ProTip! Exclude everything labeled bug with -label:bug.