xbiz world
xbiz premiere

HTML5 Security Concerns Complicate Deployment Plans

Recent questions surrounding the security of HTML5 and 13 other new technologies currently under development have sparked demands to address these flaws before coding standards are ratified.

According to a report from the European Network and Information Security Agency entitled “A Security Analysis of Next Generation Web Standards,” portions of increasingly popular programs and applications, including browsers using the fledgling HTML5 standard — being adopted by many adult websites — pose security concerns.

The standards which govern the browser are currently undergoing a major upgrade.

For example, ENISA calls the web browser the most security-critical component in our information infrastructure and the channel through which most information passes — as such, it is seizing what it calls “a unique chance to make detailed recommendations for improvements to browser security before they become non-negotiable for years to come,” — attempting to influence the finalization of impending coding standards.

“The standards which govern the browser are currently undergoing a major upgrade,” ENISA notes. “This includes HTML5, cross-origin communication standards such as CORS and standards for access to local data such as geo-location.”

All together, details of 50 security threats and issues are identified in the report.

The report’s co-editor, Giles Hogben, says that many of these technical specifications are reaching “a point-of-no-return. For once, we have the opportunity to think deeply about security — before the standard is set in stone, rather than trying to patch it up afterwards. This is a unique opportunity to build in security-by-design.”

Some of the concerns noted in the report include formsubmission vulnerabilities and unauthorized access to sensitive information; problems with security policies; operating system permission management; “click-jacking;” and more.

“An important conclusion of this study is that significantly fewer security issues were found in those specifications which have already undergone detailed security review,” co-editor Marnix Dekker added. “This demonstrates the value of in-depth security reviews of up-coming specifications.”

The developing HTML5 standard, already embraced by many adult operators, continues to make progress towards ratification and is expected to be finalized in 2014.

Related:  

Copyright © 2026 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

opinion

How Adult Businesses Can Navigate Global Compliance Demands

The internet has made the world feel small. Case in point: Adult websites based in the U.S. are now getting letters from regulators demanding compliance with foreign laws, even if they don’t operate in those countries. Meanwhile, some U.S. website operators dealing with the patchwork of state-level age verification laws have considered incorporating offshore in the hopes of avoiding these new obligations — but even operators with no physical presence in the U.S. have been sued or threatened with claims for not following state AV laws.

Larry Walters ·
opinion

Top Tips for Bulletproof Creator Management Contracts

The creator management business is booming. Every week, it seems, a new agency emerges, promising to turn creators into stars, automate their fan interactions or triple their revenue through “secret” social strategies. The reality? Many of these agencies are operating with contracts that wouldn’t survive a single serious dispute — if they even have contracts at all.

Corey D. Silverstein ·
opinion

Building Sustainable Revenue Without Opt-Out Cross-Sales

Over the past year, we’ve seen growing pushback from acquirers on merchants using opt-out cross-sales — also known as negative option offers. This has been especially noticeable in the U.S. In fact, one of our acquirers now declines new merchants during onboarding if an opt-out flow is detected. Existing merchants submitting new URLs with opt-out cross-sales are being asked to remove them.

Cathy Beardsley ·
trends

How to Handle Payment Disputes Without Sacrificing Trust

You can run the best-managed and most compliant website out there, but that still doesn’t completely shield you from the risks tied to payment disputes. Buyer’s remorse, an unclear billing description or even a simple misunderstanding can lead a customer to dispute a transaction. Accumulate enough disputes, and both your reputation and revenue could be at risk.

Jonathan Corona ·
trends

WIA Profile: Taylor Moore

With a 70-person team and a growing slate of tools for content creators, the Teasy Agency has developed a reputation for putting talent first. That commitment owes a lot to co-founder Taylor Moore’s own experiences as a cam model.

Jackie Backman ·
profile

WIA Profile: Cathy Turns Creator Platform Experience Into a Model-First Playbook

As both a model and industry executive, Cathy lives in two worlds at once. “Since I do both things, I can act as the liaison between the model community and the rest of the SextPanther team,” she tells XBIZ.

Jackie Backman ·
opinion

From Compliance to Confidence: The Future of Safety in Adult Platforms

In numerous countries and U.S. states, laws now require platforms to prevent minors from accessing age-inappropriate material. But the need for safeguarding doesn’t end with age verification. Today’s online landscape also places adult companies at uniquely high risk for inadvertently facilitating exploitation, abuse or reputational harm, or of being accused of doing so.

Andy Lulham ·
opinion

What Adult Businesses Need to Know About Florida's Age Verification Law

The rise and proliferation of age verification laws has changed the landscape for the online adult industry. A recent and compelling example is the state of Florida, where Attorney General James Uthmeier has filed multiple complaints against major platforms as well as affiliates accused of violating the state’s AV law.

Corey D. Silverstein ·
opinion

Maintaining Brand Trust in the Face of Negative Press

Over the last year, several of our merchants have found themselves caught up in litigation over compliance with state age verification laws. Recently, Segpay itself was pulled into the spotlight, facing scrutiny over Florida’s AV statute, HB 3. These stories inevitably get picked up by both industry and mainstream news outlets.

Cathy Beardsley ·
opinion

How to Switch Payment Processors Without Disrupting Business

For many merchants, the idea of switching payment processors can feel pretty overwhelming. That’s understandable. After all, downtime can stall sales, recurring subscriptions can suddenly fail, or compliance gaps can put accounts at risk. Operating in a high-risk sector like the adult industry can further amplify the stress of transition.

Jonathan Corona ·
Show More