w3c / webappsec-suborigins Public

Notifications You must be signed in to change notification settings
Fork 9
Star 25

Code
Issues 24
Pull requests
Actions
Projects
Wiki
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Projects
Wiki
Security
Insights

Issues: w3c/webappsec-suborigins

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts

0 Open 21 Closed

Author

Filter by author

Label

Filter by label

Use alt + click/return to exclude labels

or ⇧ + click/return for logical OR

Projects

Filter by project

Milestones

Filter by milestone

Assignee

Filter by who’s assigned

Assigned to nobody

Sort

Sort by

Newest Oldest Most commented Least commented Recently updated Least recently updated Best match

Most reactions

Issues list

Don't use The Web Origin Concept

#53 by annevk was closed Oct 26, 2016 v1

Stop using blacklist as a term

#49 by annevk was closed Oct 4, 2016

Suborigin names should not be allowed to start with number

#47 by joelweinberger was closed May 13, 2017 v1

Create a reserved prefix or delimiter for serialization of typed suborigins

#40 by hillbrad was closed May 17, 2017 v1

Understanding the syntax

#39 by intchloe was closed Jun 21, 2016

Underscore should not be used for serialization.

#38 by naskooskov was closed Sep 30, 2016

#36 by bsittler was closed Oct 23, 2016 v1

Default to withCredentials=true for CORS requests

#33 by arturjanc was closed Oct 21, 2016 v1

Behavior of Host prefix in the presence of unsafe-cookies option

#28 by devd was closed May 13, 2017 v1

set-cookie with suborigin header should set cookie in new cookie jar

#27 by devd was closed Oct 25, 2016 v1

postMessage extra argument for suborigin

#26 by devd was closed May 13, 2017 v1

Unsafe Opt-outs for postMessage

#24 by devd was closed Sep 30, 2016 v1

Define syntax for unsafe optouts

#23 by devd was closed Mar 11, 2016

Suborigin header should only use the last header, not any of the first ones

#19 by joelweinberger was closed Mar 2, 2016

Define 'physical origin'

#17 by joelweinberger was closed Oct 26, 2016 v1

Spec contains invalid syntax

#14 by mitar was closed Feb 18, 2016

Do suborigins work with META tag

#10 by mitar was closed Feb 8, 2016

Are suborigins case sensitive or not?

#9 by mitar was closed Mar 8, 2016

Allow . in the suborigin

#8 by mitar was closed Feb 8, 2016

Origins in the spec have trailing /

#7 by mitar was closed Feb 18, 2016

Why having both serialized origins and finerorigin/suborigin

#6 by mitar was closed May 13, 2017 v1

ProTip! Adding no:label will show everything without a label.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly