- Mailing list archive: http://lists.w3.org/Archives/Public/public-webappsec/
- Website: http://www.w3.org/2011/webappsec/
- Tracker: http://www.w3.org/2011/webappsec/track/
- Bugzilla: http://www.w3.org/Bugs/Public/describecomponents.cgi?product=WebAppsSec
-
Content Security Policy
- Editor's draft: https://w3c.github.io/webappsec/specs/content-security-policy/
- Level 1, Note: http://w3.org/TR/CSP
- Level 2, Candidate Recommendation: http://w3.org/TR/CSP2
-
Credential Management:
-
Entry Point Regulation:
-
Mixed Content:
- Editor's Draft: https://w3c.github.io/webappsec/specs/mixedcontent/
- Candidate Recommendation: http://www.w3.org/TR/mixed-content/
-
Privileged Contexts
-
Referrer Policy
-
Subresource Integrity
-
Upgrade Insecure Requests