Mike West's repositories
http-state-tokens
Incrementally better HTTP state management.
cookie-incrementalism
Incrementally better cookies.
content-security-policy
Personal draft of the Web Application Security WG's Content Security Policy specification.
securer-contexts
Secure Contexts, but with _more_ secureness!
baseline-header
What if developers could opt-into better default behaviors en masse, forcing them to pick and choose the legacy risks they want to enable.
deprecating-document-domain
`document.domain` intentionally weakens the only security boundary we have. Perhaps we can dump it?
static_gettext
`gettext` wrapper, enabling localization of static documents and websites.
sanitizer-playground
A demonstration of the HTML Sanitizer API.
deprecate-it
Deprecate it.
mitigation-supply
Mitigations. Supplied.
consider-deploying-corp
Consider deploying Cross-Origin Resource Policy.
coop-by-default
Wouldn't it be nice if `Cross-Origin-Opener-Policy` was applied by default?
embedding-requires-opt-in
Embedding a document (via `<iframe>`, etc) should require explicit opt-in from the embedee.
isolated.website
It's an isolated website. Maybe yours should follow suit?
mikewest.github.com
projects.mikewest.org
privacy-policy-discovery
Policy documents should be discoverable.
categorizing-capabilities
Apps fall into categories. Categories are bound to capabilities.
injection-mitigated
`[InjectionMitigated]` WebIDL Attribute
change-password-url
A Well-Known URL for Changing Passwords
progress
A progress bar. Nothing interesting.
summernote
Super simple WYSIWYG editor