- Mailing list archive: http://lists.w3.org/Archives/Public/public-webappsec/
- Website: http://www.w3.org/2011/webappsec/
- Tracker: http://www.w3.org/2011/webappsec/track/
- Bugzilla: http://www.w3.org/Bugs/Public/describecomponents.cgi?product=WebAppsSec
-
Content Security Policy
- Editor's draft: https://w3c.github.io/webappsec/specs/content-security-policy/
- Level 1, Note: http://w3.org/TR/CSP
- Level 2, Candidate Recommendation: http://w3.org/TR/CSP2
-
Credential Management:
-
Entry Point Regulation:
- Editor's draft: https://w3c.github.io/webappsec/specs/epr/
-
Mixed Content:
- Editor's Draft: https://w3c.github.io/webappsec/specs/mixedcontent/
- Candidate Recommendation: http://www.w3.org/TR/mixed-content/
-
Privileged Contexts
- Editor's Draft: https://w3c.github.io/webappsec/specs/powerfulfeatures/
- Working Draft: http://www.w3.org/TR/powerful-features/
-
Referrer Policy
- Editor's Draft: https://w3c.github.io/webappsec/specs/referrer-policy/
- Working Draft: http://w3.org/TR/referrer-policy
-
Subresource Integrity
- Editor's Draft: https://w3c.github.io/webappsec/specs/subresourceintegrity/
- Working Draft: http://w3.org/TR/SRI
-
Upgrade Insecure Requests
- Editor's Draft: https://w3c.github.io/webappsec/specs/upgrade/
- Working Draft: http://www.w3.org/TR/upgrade-insecure-requests/