[WEB SECURITY] Re: HTML5 is now a First Public Working Draft

Thomas Roessler tlr at w3.org
Thu Jan 24 15:24:31 EST 2008

On 24 Jan 2008, at 20:52, Thomas Roessler wrote:
> Among the APIs that are defined, some seem particular relevant from  
> a security perspective, so I'd encourage you to review them and  
> share any comments that you might have. Specifically:

I forgot to mention:

	6.2. Server-sent DOM events

	6.3. Network connections

> 	6.4. Cross-document messaging
> 	http://www.w3.org/TR/html5/#cross-document
> 	5.3. Drag and drop
> 	http://www.w3.org/TR/html5/#dnd
> 	4.9. Determining the type of a new resource in a browsing context
> 	http://www.w3.org/TR/html5/#content-type-sniffing
> 	4.10. Client-side session and persistent storage of name/value pairs
> 	http://www.w3.org/TR/html5/#storage
> 	4.11. Client-side database storage
> 	http://www.w3.org/TR/html5/#sql
> The HTML Working Group (which is working on this document) solicits  
> comments to the mailing list public-html-comments at w3.org, archived  
> here:
> 	http://lists.w3.org/Archives/Public/public-html-comments/
> Please note that the specification is currently a Working Draft, and  
> not stable.  In the words of the "Status of this Document" section:  
> "Implementors should be aware that this specification is not stable.  
> Implementors who are not taking part in the discussions are likely  
> to find the specification changing out from under them in  
> incompatible ways. Vendors interested in implementing this  
> specification before it eventually reaches the Candidate  
> Recommendation stage should join the aforementioned mailing lists  
> and take part in the discussions."
> For details and background about the Working Group itself, please  
> see its home page:
> 	http://www.w3.org/html/wg/
> Regards,
> -- 
> Thomas Roessler, W3C   <tlr at w3.org>

Thomas Roessler, W3C   <tlr at w3.org>

Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

More information about the websecurity mailing list