This first version of the HTML Security Cheat Sheet includes guidance on:
- Cross Origin Resource Sharing
- Local Storage (a.k.a. Offline Storage, Web Storage)
- Web Workers
- Use the sandbox attribute of an iframe for untrusted content
- Web Messaging
- XHR and DOM abuses
- HTML5 Widgets
- Progressive Enhancements and Graceful Degradation Risks
If you have anything to add, or suggest, please contact the people involved — Mark Roxbury, Krzysztof Kotowicz, Will Stranathan and Shreeraj Shah are the authors and primary editors.
There is another more general presentation about using HTML5 WebSockets at London Web on Thursday evening this week (20th October), but be quick to register as there are already 175 people attending, and currently only 4 spaces left.
Posted on: 18 October 2011 at 13:30 hrs