Skip to content

Issues: w3c/security-review

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
3 Open 0 Closed
3 Open 0 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Define opaque-response blocking pending Issue created by the tracker tool and may need to be refined s:fetch https://fetch.spec.whatwg.org/ tracker Security is following a discussion, but doesn't require resolution. whatwg https://whatwg.org/
#158 opened May 17, 2022 by w3cbot
should VARY be a cors-safelisted header? pending Issue created by the tracker tool and may need to be refined s:fetch https://fetch.spec.whatwg.org/ tracker Security is following a discussion, but doesn't require resolution. whatwg https://whatwg.org/
#126 opened Dec 3, 2021 by w3cbot
Remove Cache-Control and Expires headers from the CORS-safelisted response headers to prevent user tracking pending Issue created by the tracker tool and may need to be refined s:fetch https://fetch.spec.whatwg.org/ tracker Security is following a discussion, but doesn't require resolution. whatwg https://whatwg.org/
#81 opened Dec 19, 2020 by w3cbot
ProTip! Adding no:label will show everything without a label.