-
-
-
securer-contexts Public archive
Secure Contexts, but with _more_ secureness!
-
-
-
-
content Public
Forked from mdn/contentThe content behind MDN Web Docs
Markdown Other UpdatedNov 9, 2023 -
deprecating-document-domain Public
`document.domain` intentionally weakens the only security boundary we have. Perhaps we can dump it?
-
-
summernote Public
Forked from summernote/summernoteSuper simple WYSIWYG editor
JavaScript MIT License UpdatedSep 20, 2023 -
-
baseline-header Public
What if developers could opt-into better default behaviors en masse, forcing them to pick and choose the legacy risks they want to enable.
18 UpdatedJan 9, 2023 -
-
sanitizer-playground Public
A demonstration of the HTML Sanitizer API.
-
-
http-state-tokens Public
Incrementally better HTTP state management.
-
content-security-policy Public
Personal draft of the Web Application Security WG's Content Security Policy specification.
-
-
-
mikewest.github.com Public
projects.mikewest.org
-
categorizing-capabilities Public
Apps fall into categories. Categories are bound to capabilities.
1 UpdatedFeb 25, 2021 -
timeliner Public
Forked from mholt/timelinerAll your digital life on a single timeline, stored locally
Go GNU Affero General Public License v3.0 UpdatedDec 28, 2020 -
embedding-requires-opt-in Public
Embedding a document (via `<iframe>`, etc) should require explicit opt-in from the embedee.
4 UpdatedNov 26, 2020 -
-
coop-by-default Public
Wouldn't it be nice if `Cross-Origin-Opener-Policy` was applied by default?
-
isolated.website Public
It's an isolated website. Maybe yours should follow suit?
-
consider-deploying-corp Public
Consider deploying Cross-Origin Resource Policy.
-
static_gettext Public archive
`gettext` wrapper, enabling localization of static documents and websites.
-
-
change-password-url Public
Forked from w3c/webappsec-change-password-urlA Well-Known URL for Changing Passwords
Makefile Other UpdatedJun 12, 2020