[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[WEB SECURITY] HTML5 is now a First Public Working Draft

From: Thomas Roessler <tlr@xxxxxx>
Subject: [WEB SECURITY] HTML5 is now a First Public Working Draft
Date: Thu, 24 Jan 2008 20:52:59 +0100

Hello,

W3C has released a First Public Working Draft for HTML5 this week:

  http://www.w3.org/TR/html5/

The specification defines, as its subtitle says, "A vocabulary and associated APIs for HTML and XHTML."

Among the APIs that are defined, some seem particular relevant from a security perspective, so I'd encourage you to review them and share any comments that you might have. Specifically:

	6.4. Cross-document messaging
	http://www.w3.org/TR/html5/#cross-document

	5.3. Drag and drop
	http://www.w3.org/TR/html5/#dnd

	4.9. Determining the type of a new resource in a browsing context
	http://www.w3.org/TR/html5/#content-type-sniffing
	
	4.10. Client-side session and persistent storage of name/value pairs
	http://www.w3.org/TR/html5/#storage

	4.11. Client-side database storage
	http://www.w3.org/TR/html5/#sql

The HTML Working Group (which is working on this document) solicits comments to the mailing list public-html-comments@xxxxxx, archived here:

 	http://lists.w3.org/Archives/Public/public-html-comments/

Please note that the specification is currently a Working Draft, and not stable. In the words of the "Status of this Document" section: "Implementors should be aware that this specification is not stable. Implementors who are not taking part in the discussions are likely to find the specification changing out from under them in incompatible ways. Vendors interested in implementing this specification before it eventually reaches the Candidate Recommendation stage should join the aforementioned mailing lists and take part in the discussions."

For details and background about the Working Group itself, please see its home page:

	http://www.w3.org/html/wg/

Regards,
--
Thomas Roessler, W3C   <tlr@xxxxxx>

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: http://www.webappsec.org/lists/websecurity/

Subscribe via RSS: http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Follow-Ups:
- [WEB SECURITY] Re: HTML5 is now a First Public Working Draft
  - From: Thomas Roessler

Prev by Date: RE: [WEB SECURITY] AJAX load content from different hosts/sites?
Next by Date: [WEB SECURITY] Re: HTML5 is now a First Public Working Draft
Previous by thread: [WEB SECURITY] Web app on IIS6: Through reverse proxy or publish directly
Next by thread: [WEB SECURITY] Re: HTML5 is now a First Public Working Draft
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site