[html5] Help with html 5 security
ian at hixie.ch
Tue Jun 14 17:02:46 PDT 2011
On Tue, 22 Mar 2011, Mario Juric wrote:
> I'd like to ask if anyone has any information on html5 security and how
> it varies from previous versions of html, given the fact it's a work in
> progress it's bound to have some glitches. Some examples of website
> based attack, methods for security testing and any kind of simple html5
> security tutorial would be appreciated
HTML5 is just HTML, so the security model is the same. We've added some
new things recently, e.g. the sandbox iframe, text/html-sandboxed, CORS,
and typemustmatch="". You can find out more about those in the spec:
Ian Hickson U+1047E )\._.,--....,'``. fL
http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,.
Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
More information about the Help