mikewest / strict-csp-for-everyone

Related projects ⓘ

Alternatives and complementary repositories for strict-csp-for-everyone

• WICG / csp-next
  A Modest Content Security Proposal
  ☆39Updated 3 years ago
• mikewest / securer-contexts
  Secure Contexts, but with _more_ secureness!
  ☆19Updated 6 months ago
• mikewest / scheming-cookies
  Cookies should take scheme into account, just like every other storage mechanism on the web.
  ☆16Updated 4 years ago
• w3c / webappsec-fetch-metadata
  Fetch Metadata
  ☆75Updated 6 months ago
• w3c / webappsec-suborigins
  Suborigins
  ☆25Updated 3 years ago
• annevk / orb
  Opaque Response Blocking (CORB++)
  ☆35Updated 2 years ago
• mikewest / baseline-header
  What if developers could opt-into better default behaviors en masse, forcing them to pick and choose the legacy risks they want to enable…
  ☆19Updated last year
• WICG / signature-based-sri
  Signature-based Resource Loading Restrictions
  ☆23Updated this week
• mikewest / deprecating-document-domain
  `document.domain` intentionally weakens the only security boundary we have. Perhaps we can dump it?
  ☆16Updated last year
• explainers-by-googlers / standardizing-cross-site-cookie-semantics
  A proposal to standardize security semantics of cross-site cookies
  ☆17Updated 11 months ago
• openwall / pwned-passwords-sampler
  Generate representative samples from Pwned Passwords (HIBP)
  ☆12Updated 2 years ago
• google / safe-html-types
  Security contract types
  ☆61Updated 2 years ago
• w3c / webappsec-uisecurity
  User Interface Security and the Visibility API
  ☆11Updated 3 years ago
• WICG / lang-client-hint
  Wouldn't it be nice if `Accept-Language` was a client hint?
  ☆11Updated 3 years ago
• w3c / webappsec-csp
  WebAppSec Content Security Policy
  ☆210Updated 3 weeks ago
• cure53 / PastePurify
  This is a tiny Chrome Extension that protects your from Clipboard XSS Attacks
  ☆19Updated 9 years ago
• w3c / webappsec-secure-contexts
  WebAppSec Secure Contexts
  ☆33Updated last year
• camillelamy / explainers
  ☆11Updated 2 years ago
• tfpauly / privacy-proxy
  Specifications for Privacy Proxy Implementations
  ☆29Updated this week
• WICG / document-policy
  ☆20Updated 2 years ago
• sbingler / schemeful-same-site
  Explainer for Schemeful Same-Site
  ☆15Updated 4 years ago
• w3ctag / security-questionnaire
  A security/privacy review questionnaire for W3C specs
  ☆25Updated 2 months ago
• cfredric / sameparty
  ☆29Updated 2 years ago
• w3cping / tracking-issues
  Repo to track PING initiated issues on other standards documents.
  ☆12Updated last week
• assetnote / kitebuilder
  ☆23Updated 8 months ago
• abusech / YARAify
  Open YARA scan- and search engine
  ☆16Updated last year
• w3c / webappsec-post-spectre-webdev
  Post-Spectre Web Development
  ☆17Updated last year
• tc39 / proposal-symbol-proto
  TC39 proposal for mitigating prototype pollution
  ☆43Updated last year
• crtsh / go-certlint
  Go wrapper for awslabs/certlint
  ☆24Updated 4 years ago
• tomnomnom / symwatch
  A tool to run a command when the target of a symlink changes
  ☆15Updated 8 years ago