Content Security Policy: Embedded Enforcement
OTHER License
WebAppSec Content Security Policy
WebAppSec Credential Management
WebAppSec Upgrade Insecure Requests
Post-Spectre Web Development
CORS for developers
WebAppSec Mixed Content
A mechanism to selectively enable and disable browser features and APIs
Guidelines for Security Disclosures
WebAppSec Secure Contexts
Materials for a proposed W3C workshop "Secure the Web Forward"
Web Application Security Working Group repo
WebAppSec Referrer Policy
W3C Workshop on Web and Media production
User Interface Security and the Visibility API