About the Security category
Different script contexts with different browser features allowed
HTML Sanitizer API in the browser
Relationship of Permissions, Feature Policy, Origin Policy?
Adding an execution context while starting Web-Apps
Cookies created/controlled by OS's instead of websites
[Proposal] Trusted Types for DOM Manipulation
Cookie like restrictions on web storage
[Proposal] Set origin-wide policies via a manifest
Fyi wrt origin-wide policies: "The Need for a Coherent Web Security Policy Framework"
Transfer CORS-RFC1918 and HSTS Priming to WICG
[Proposal] Origin Isolation
Making CSP shareable with JSON CSP
Canvas "clear taint" permission
next page →