Web Application Security Working Group

• Mailing list archive: http://lists.w3.org/Archives/Public/public-webappsec/
• Website: http://www.w3.org/2011/webappsec/
• Tracker: http://www.w3.org/2011/webappsec/track/
• Bugzilla: http://www.w3.org/Bugs/Public/describecomponents.cgi?product=WebAppsSec

Specifications

• Content Security Policy

  • 1.0:
    • Candidate Recommendation: http://w3.org/TR/CSP
  • 1.1:
    • Editor's Draft: http://w3c.github.io/webappsec/specs/content-security-policy/csp-specification.dev.html
    • Working Draft: http://w3.org/TR/CSP11
  • Source: https://github.com/w3c/webappsec/tree/master/specs/content-security-policy/

• Subresource Integrity

  • Editor's Draft: http://w3c.github.io/webappsec/specs/subresourceintegrity/
  • Source: https://github.com/w3c/webappsec/tree/master/specs/subresourceintegrity