Skip to content
Navigation Menu
Toggle navigation
Sign in
Product
Actions
Automate any workflow
Packages
Host and manage packages
Security
Find and fix vulnerabilities
Codespaces
Instant dev environments
GitHub Copilot
Write better code with AI
Code review
Manage code changes
Issues
Plan and track work
Discussions
Collaborate outside of code
Explore
All features
Documentation
GitHub Skills
Blog
Solutions
By size
Enterprise
Teams
Startups
By industry
Healthcare
Financial services
Manufacturing
By use case
CI/CD & Automation
DevOps
DevSecOps
Resources
Topics
AI
DevOps
Innersource
Open Source
Security
Software Development
Explore
Learning Pathways
White papers, Ebooks, Webinars
Customer Stories
Partners
Open Source
GitHub Sponsors
Fund open source developers
The ReadME Project
GitHub community articles
Repositories
Topics
Trending
Collections
Enterprise
Enterprise platform
AI-powered developer platform
Available add-ons
Advanced Security
Enterprise-grade security features
GitHub Copilot
Enterprise-grade AI features
Premium Support
Enterprise-grade 24/7 support
Pricing
Search or jump to...
Search code, repositories, users, issues, pull requests...
Search syntax tips
Provide feedback
Saved searches
Use saved searches to filter your results more quickly
Sign in
Sign up
You signed in with another tab or window.
Reload
to refresh your session.
You signed out in another tab or window.
Reload
to refresh your session.
You switched accounts on another tab or window.
Reload
to refresh your session.
Dismiss alert
{{ message }}
alice
/
html
Public
forked from
whatwg/html
Notifications
You must be signed in to change notification settings
Fork
2
Star
0
Code
Pull requests
1
Actions
Projects
0
Wiki
Security
Insights
Additional navigation options
Code
Pull requests
Actions
Projects
Wiki
Security
Insights
Commits
Branch selector
master
User selector
mikewest
All time
Commit History
Commits on Nov 22, 2017
Hide nonce content attribute values
mikewest
authored and
annevk
committed
Nov 22, 2017
19f5cce
Commits on Nov 20, 2017
Editorial: Clarifying secure context integration with Shared Workers
mikewest
authored and
domenic
committed
Nov 20, 2017
6f9d818
Commits on Jul 13, 2017
Add an onsecuritypolicyviolation global handler
mikewest
authored and
domenic
committed
Jul 13, 2017
508cf2d
Commits on Nov 14, 2016
Apply CSP to javascript URLs in navigate
mikewest
authored and
annevk
committed
Nov 14, 2016
9daeebf
Commits on Nov 3, 2016
Upstream SRI's 'integrity' attribute
mikewest
authored and
zcorpan
committed
Nov 3, 2016
4c5066c
Commits on Sep 28, 2016
Add <link nonce>
mikewest
authored and
annevk
committed
Sep 28, 2016
1d4fc66
Commits on Sep 13, 2016
Treat 'data:' documents as unique, opaque origins (
whatwg#1756
)
mikewest
authored and
foolip
committed
Sep 13, 2016
0076946
Commits on Sep 12, 2016
Set "one permitted sandbox navigator" for all sandbox-created popups
mikewest
authored and
domenic
committed
Sep 12, 2016
ca6c420
Commits on Aug 19, 2016
Editorial: moar bikeshed metadata
mikewest
authored and
annevk
committed
Aug 19, 2016
c050450
Commits on Aug 18, 2016
Upstream navigation hooks from CSP
mikewest
authored and
annevk
committed
Aug 18, 2016
2083b00
Editorial: add bikeshed metadata
mikewest
authored and
annevk
committed
Aug 18, 2016
bae9fc5
Commits on Aug 2, 2016
Upstream the 'plugin-types' hooks from CSP3
mikewest
authored and
domenic
committed
Aug 2, 2016
5bafd7e
Commits on Jul 15, 2016
Add 'creator context security'
mikewest
authored and
domenic
committed
Jul 15, 2016
91f1919
Upstream SharedWorker constructor changes from Secure Contexts
mikewest
authored and
domenic
committed
Jul 15, 2016
45e2322
Commits on May 23, 2016
Updating references from CSPDOCUMENT to CSP
mikewest
authored and
annevk
committed
May 23, 2016
c90e53c
Commits on Apr 15, 2016
Wire up CSP's control over the base element
mikewest
authored and
annevk
committed
Apr 15, 2016
7bfca70
Pass parser metadata to Fetch
mikewest
authored and
annevk
committed
Apr 15, 2016
e6500b9
Commits on Apr 14, 2016
Add a source argument to CSP's inline behavior algorithm
mikewest
authored and
annevk
committed
Apr 14, 2016
e0863d9
Commits on Apr 8, 2016
Wire up HostEnsureCanCompileStrings to CSP
mikewest
authored and
domenic
committed
Apr 8, 2016
374b54d
Commits on Apr 6, 2016
Pass cryptographic nonce metadata to Fetch
mikewest
authored and
annevk
committed
Apr 6, 2016
5479e07
Commits on Jan 29, 2016
CSP: Fix workers' CSP list initialization.
mikewest
committed
Jan 29, 2016
05f9f32
Commits on Dec 14, 2015
Close
whatwg#384
: add CSP hooks to handle inline events and style
mikewest
authored and
annevk
committed
Dec 14, 2015
920c918
Commits on Nov 6, 2015
Add a 'noopener' <link rel> keyword and window feature
mikewest
authored and
annevk
committed
Nov 6, 2015
2992ea9
Call out to CSP's inline element hooks
mikewest
committed
Nov 6, 2015
ee3486e
Commits on Nov 5, 2015
Move 'HTTPS state' from Window to Document
mikewest
committed
Nov 5, 2015
68390ce
Add and populate global object's "CSP list"
mikewest
committed
Nov 5, 2015
479dfbf
Commits on Oct 21, 2015
Update CSP links
mikewest
committed
Oct 21, 2015
7e8a536
Commits on Sep 24, 2015
Add 'HTTPS state' to settings objects
mikewest
authored and
annevk
committed
Sep 24, 2015
6de5241
Commits on Sep 9, 2015
Close
whatwg#123
: add creation URL to environment settings objects
mikewest
authored and
annevk
committed
Sep 9, 2015
9d4276a
Commits on Sep 8, 2015
Fix
whatwg#88
: add the 'Content-Security-Policy' pragma directive
mikewest
authored and
annevk
committed
Sep 8, 2015
5064a62
Commits on Aug 31, 2015
Block modal dialogs by default in sandboxed documents
mikewest
authored and
annevk
committed
Aug 31, 2015
bbccfc9
Define script@nonce and style@nonce attributes
mikewest
committed
Aug 31, 2015
882803c
Commits on Aug 30, 2015
Cleanup sandbox token lists
mikewest
authored and
annevk
committed
Aug 30, 2015
36f2a65
Commits on Aug 29, 2015
Add an 'allow-popups-to-escape-sandbox' sandboxing token
mikewest
committed
Aug 29, 2015
955fbaa
You can’t perform that action at this time.