[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [WEB SECURITY] Re: HTML5 is now a First Public Working Draft
- From: "Hoffman, Billy" <billy.hoffman@xxxxxx>
- Subject: RE: [WEB SECURITY] Re: HTML5 is now a First Public Working Draft
- Date: Thu, 24 Jan 2008 22:28:06 +0000
Don't forgot Offline events and manifest files, paving the way for web applications that work transparently when connected to the Internet or not.
This is virtually the same as wha the WHATWG came up with (makes sense seeing as that was the base document). We have a lot of this now. Firefox 2 has DOMStorage, Google Gears provides offline manifests and a client-side SQLite database. Still, its exciting to see it codified.
Billy Hoffman
--
Manager, HP Security Labs
HP Software
Phone: 678-781-4800
Direct: 678-781-4845
http://www.hp.com
-----Original Message-----
From: Thomas Roessler [mailto:tlr@xxxxxx]
Sent: Thursday, January 24, 2008 3:25 PM
To: Thomas Roessler
Cc: websecurity@xxxxxxxxxxxxx
Subject: [WEB SECURITY] Re: HTML5 is now a First Public Working Draft
On 24 Jan 2008, at 20:52, Thomas Roessler wrote:
> Among the APIs that are defined, some seem particular relevant from
> a security perspective, so I'd encourage you to review them and
> share any comments that you might have. Specifically:
I forgot to mention:
6.2. Server-sent DOM events
http://www.w3.org/TR/html5/#server-sent-events
6.3. Network connections
http://www.w3.org/TR/html5/#network
>
>
> 6.4. Cross-document messaging
> http://www.w3.org/TR/html5/#cross-document
>
> 5.3. Drag and drop
> http://www.w3.org/TR/html5/#dnd
>
> 4.9. Determining the type of a new resource in a browsing context
> http://www.w3.org/TR/html5/#content-type-sniffing
>
> 4.10. Client-side session and persistent storage of name/value pairs
> http://www.w3.org/TR/html5/#storage
>
> 4.11. Client-side database storage
> http://www.w3.org/TR/html5/#sql
>
> The HTML Working Group (which is working on this document) solicits
> comments to the mailing list public-html-comments@xxxxxx, archived
> here:
>
> http://lists.w3.org/Archives/Public/public-html-comments/
>
> Please note that the specification is currently a Working Draft, and
> not stable. In the words of the "Status of this Document" section:
> "Implementors should be aware that this specification is not stable.
> Implementors who are not taking part in the discussions are likely
> to find the specification changing out from under them in
> incompatible ways. Vendors interested in implementing this
> specification before it eventually reaches the Candidate
> Recommendation stage should join the aforementioned mailing lists
> and take part in the discussions."
>
> For details and background about the Working Group itself, please
> see its home page:
>
> http://www.w3.org/html/wg/
>
> Regards,
> --
> Thomas Roessler, W3C <tlr@xxxxxx>
>
>
>
>
--
Thomas Roessler, W3C <tlr@xxxxxx>
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Brought to you by http://www.webappsec.org
Search this site
|