WICG / csp-next

Related projects ⓘ

Alternatives and complementary repositories for csp-next

• mikewest / strict-csp-for-everyone
  This is both a terrible and wonderful idea.
  ☆10Updated 5 years ago
• mikewest / securer-contexts
  Secure Contexts, but with _more_ secureness!
  ☆20Updated 6 months ago
• tc39 / security
  Discussion area for security aspects of ECMAScript
  ☆64Updated 6 years ago
• WICG / origin-policy
  [On hold for now] A mechanism for origins to set their origin-wide configuration in a central location
  ☆33Updated 2 years ago
• mikewest / deprecating-document-domain
  `document.domain` intentionally weakens the only security boundary we have. Perhaps we can dump it?
  ☆16Updated last year
• mikewest / scheming-cookies
  Cookies should take scheme into account, just like every other storage mechanism on the web.
  ☆16Updated 4 years ago
• annevk / orb
  Opaque Response Blocking (CORB++)
  ☆35Updated 2 years ago
• WICG / document-policy
  ☆20Updated 2 years ago
• w3c / webappsec-fetch-metadata
  Fetch Metadata
  ☆75Updated 6 months ago
• w3c / webappsec-csp
  WebAppSec Content Security Policy
  ☆210Updated last month
• mozilla / eslint-plugin-no-unsanitized
  Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike
  ☆231Updated this week
• w3c / webappsec-post-spectre-webdev
  Post-Spectre Web Development
  ☆17Updated last year
• mikewest / baseline-header
  What if developers could opt-into better default behaviors en masse, forcing them to pick and choose the legacy risks they want to enable…
  ☆19Updated last year
• pmeenan / http2priorities
  Test Page for HTTP/2 prioritization (server and browser)
  ☆108Updated 4 years ago
• google / safe-html-types
  Security contract types
  ☆61Updated 2 years ago
• WICG / signature-based-sri
  Signature-based Resource Loading Restrictions
  ☆23Updated last week
• HTTPWorkshop / workshop2019
  Working area for the 2019 HTTP Workshop
  ☆25Updated 3 years ago
• google / webpackager
  ☆71Updated 7 months ago
• explainers-by-googlers / standardizing-cross-site-cookie-semantics
  A proposal to standardize security semantics of cross-site cookies
  ☆17Updated 11 months ago
• w3c / webappsec-uisecurity
  User Interface Security and the Visibility API
  ☆11Updated 3 years ago
• mikewest / cookie-incrementalism
  Incrementally better cookies.
  ☆22Updated 2 years ago
• shivanigithub / http-cache-partitioning
  ☆32Updated 4 years ago
• asankah / ephemeral-fingerprinting
  Problem statement and basic mitigations for ephemeral fingerprinting on the web.
  ☆20Updated 3 years ago
• WICG / client-hints-infrastructure
  Specification for the Client Hints infrastructure - privacy preserving proactive content negotiation
  ☆61Updated 5 months ago
• mozilla / sanitizer-polyfill
  rewrite constructor arguments, call DOMPurify, profit
  ☆67Updated last month
• tc39 / proposal-symbol-proto
  TC39 proposal for mitigating prototype pollution
  ☆44Updated last year
• cfredric / sameparty
  ☆30Updated 2 years ago
• WICG / sanitizer-api
  ☆228Updated 2 months ago
• camillelamy / explainers
  ☆11Updated 2 years ago
• mdn / stumptown-content
  ☆23Updated 3 years ago