There are no reviews yet. Be the first to send feedback to the community and the maintainers!
vimroom
Simulating a vaguely WriteRoom-like environment in Vim.http-state-tokens
Incrementally better HTTP state management.privacy-budget
nginx-static-etags
Nginx doesn't generate etags for static content. I'd like it to. Let's see if I can remember some C from college.cookies-over-http-bad
Archived proposal from 2018. Perhaps the approach in mikewest/scheming-cookies will be more successful!jslint-utils
Wrapper scripts for running JSLint locally, and for generating test reports for Hudsontc39-proposal-literals
Literals could be different than non-literals.credentialmanagement
Credential Managementcookie-incrementalism
Incrementally better cookies.content-security-policy
Personal draft of the Web Application Security WG's Content Security Policy specification.securer-contexts
Secure Contexts, but with _more_ secureness!baseline-header
What if developers could opt-into better default behaviors en masse, forcing them to pick and choose the legacy risks they want to enable.palmerized-chrome
https://noncombatant.org/2014/03/11/privacy-and-security-settings-in-chrome/signature-based-sri
Signature-based Resource Loading Restrictionsdeprecating-document-domain
`document.domain` intentionally weakens the only security boundary we have. Perhaps we can dump it?scheming-cookies
Cookies should take scheme into account, just like every other storage mechanism on the web.spec-questionnaire
static_gettext
`gettext` wrapper, enabling localization of static documents and websites.mcw_templates
A Textpattern plugin enabling import and export of pages, forms, and CSS rules. Unmaintained, released under MIT license.strict-csp-for-everyone
This is both a terrible and wonderful idea.sanitizer-playground
A demonstration of the HTML Sanitizer API.vCard
A vCard website. Doesn't everyone have one of these?deprecate-it
Deprecate it.datarequestor
Pompously described (in _2005_) as "Ajax without the confusing API." Unmaintained, released under MIT license.mgc
Mike Generated Content; even better than Web 2.0.strict-navigation-security
What if HSTS only applied to top-level navigations?presentations
Various bits and pieces of presentationsfallow
A "teaching myself Ruby and Git by writing a Rack-based blog" projectmitigation-supply
Mitigations. Supplied.appengine-thingsyoushouldread
Things I think you should read.contentsecuritypolicy.info
contentsecuritypolicy.infoconsider-deploying-corp
Consider deploying Cross-Origin Resource Policy.topdown
I'm writing (read: porting) a top-down JavaScript parser to teach myself Python. Weird, eh?css-parser
A toy css parser, written to teach myself C.internetdrafts
coop-by-default
Wouldn't it be nice if `Cross-Origin-Opener-Policy` was applied by default?resource-policy
Wouldn't it be nice if servers could assert more granular things about how a resource should be used?consolemessages
Maybe a project?vim-markdown
Vim Markdown runtime files that WON'T leave you sterileembedding-requires-opt-in
Embedding a document (via `<iframe>`, etc) should require explicit opt-in from the embedee.hasacdn.net
Nginx configuration for *.hasacdn.netmikewest.org
algorithms101
Working through Intro to Algorithms. In JavaScript.philosophic_li
Code for philosophic.liartur-yes
unnamedproject
I need a name.pysvnhooks
Some Python code to implement subversion hooks.forum_lddebate_org
The phpBB-based forum.lddebate.orgmikewest.github.com
projects.mikewest.orgisolated.website
It's an isolated website. Maybe yours should follow suit?sample-i18n
Sample AppEngine i18n Codefrontend-build-scripts
starting on a build script that reads dependencies from the files, rather than hard-coding them...HTMLOutliner
w15y.com
The beginnings of a project.perfecttime
JavaScript-based local-timezone based string replacement. Unmaintained, released under MIT license.http-is-https
Post-`forbes.com`, I think we can say that "http" => "https".flask-pyplaceholder
PyPlaceholder, hosted via Flask.PyPlaceholder
Placeholder images. Generated via the magic of PyPNG!chromium-dashboard
We got a big TV in the office. I should fill it with something.texts_lddebate_org
Political and ethical texts relevant to LD debate; crafted in the image of http://federali.st/.coop
WIP COOP.mcw_ma_gnolia
A very, very unmaintained Textpattern plugin for a potentially dead site.eightyize
80 columns.upgrade-demo
nginx_501
A default nginx site that returns nothing but 501.hillegass-exercises
Working through "Cocoa Programming for Mac OS X". Slowly.doodlings
Everyone needs a public ~/tmp directory.categorizing-capabilities
Apps fall into categories. Categories are bound to capabilities.cookie-samesite-firstparty
clackity
clackity.iowriteonly
`<input writeonly>`Love Open Source and this site? Check out how you can help us