w3c / webappsec-csp

Related projects ⓘ

Alternatives and complementary repositories for webappsec-csp

• w3c / webappsec
  Web Application Security Working Group repo
  ☆607Updated 2 weeks ago
• w3c / webappsec-fetch-metadata
  Fetch Metadata
  ☆75Updated 6 months ago
• google / csp-evaluator
  ☆329Updated last week
• WICG / csp-next
  A Modest Content Security Proposal
  ☆39Updated 3 years ago
• w3c / webappsec-subresource-integrity
  WebAppSec Subresource Integrity
  ☆70Updated 3 weeks ago
• w3c / trusted-types
  A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
  ☆606Updated this week
• WICG / sanitizer-api
  ☆228Updated last month
• whatwg / storage
  Storage Standard
  ☆125Updated 3 weeks ago
• w3ctag / design-reviews
  W3C specs and API reviews
  ☆332Updated 2 months ago
• h3xstream / burp-retire-js
  Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
  ☆200Updated 4 months ago
• xsleaks / wiki
  XS-Leaks Wiki
  ☆150Updated 2 months ago
• chromium / hstspreload
  🔒🔍 A Go package to scan sites against requirements for Chromium-maintained HSTS preload list.
  ☆115Updated last month
• mozilla / infosec.mozilla.org
  Guidelines, principles published on https://infosec.mozilla.org
  ☆95Updated 3 months ago
• httpwg / http-extensions
  HTTP Extensions in progress
  ☆443Updated this week
• google / certificate-transparency-community-site
  Certificate Transparency Community Website
  ☆106Updated last month
• mozilla / eslint-plugin-no-unsanitized
  Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike
  ☆231Updated 3 weeks ago
• crtsh / certwatch_db
  Database schema
  ☆199Updated last week
• shapesecurity / salvation
  Parse Content Security Policy headers, warn about policy errors, safely manipulate, render, and optimise policies
  ☆68Updated 2 months ago
• tc39 / security
  Discussion area for security aspects of ECMAScript
  ☆64Updated 6 years ago
• google / security-crawl-maze
  Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link …
  ☆155Updated 8 months ago
• w3c / network-error-logging
  Network Error Logging
  ☆81Updated 2 months ago
• google / safe-html-types
  Security contract types
  ☆61Updated 2 years ago
• mozilla / http-observatory-website
  Mozilla Observatory (Website)
  ☆308Updated 2 weeks ago
• HTTPArchive / httparchive.org
  The HTTP Archive website hosted on App Engine
  ☆334Updated this week
• xsleaks / xsleaks
  A collection of browser-based side channel attack vectors.
  ☆737Updated 7 months ago
• uber-archive / paranoid-request
  An SSRF-preventing wrapper around Node's request module
  ☆26Updated 6 years ago
• privacycg / CHIPS
  A proposal for a cookie attribute to partition cross-site cookies by top-level site
  ☆129Updated last month
• mikewest / strict-csp-for-everyone
  This is both a terrible and wonderful idea.
  ☆10Updated 5 years ago
• chromium / trickuri
  ☆143Updated last year
• cure53 / browser-sec-whitepaper
  Cure53 Browser Security White Paper
  ☆286Updated 6 years ago