xbiz world
xbiz premiere

HTML5 Security Concerns Complicate Deployment Plans

Recent questions surrounding the security of HTML5 and 13 other new technologies currently under development have sparked demands to address these flaws before coding standards are ratified.

According to a report from the European Network and Information Security Agency entitled “A Security Analysis of Next Generation Web Standards,” portions of increasingly popular programs and applications, including browsers using the fledgling HTML5 standard — being adopted by many adult websites — pose security concerns.

The standards which govern the browser are currently undergoing a major upgrade.

For example, ENISA calls the web browser the most security-critical component in our information infrastructure and the channel through which most information passes — as such, it is seizing what it calls “a unique chance to make detailed recommendations for improvements to browser security before they become non-negotiable for years to come,” — attempting to influence the finalization of impending coding standards.

“The standards which govern the browser are currently undergoing a major upgrade,” ENISA notes. “This includes HTML5, cross-origin communication standards such as CORS and standards for access to local data such as geo-location.”

All together, details of 50 security threats and issues are identified in the report.

The report’s co-editor, Giles Hogben, says that many of these technical specifications are reaching “a point-of-no-return. For once, we have the opportunity to think deeply about security — before the standard is set in stone, rather than trying to patch it up afterwards. This is a unique opportunity to build in security-by-design.”

Some of the concerns noted in the report include formsubmission vulnerabilities and unauthorized access to sensitive information; problems with security policies; operating system permission management; “click-jacking;” and more.

“An important conclusion of this study is that significantly fewer security issues were found in those specifications which have already undergone detailed security review,” co-editor Marnix Dekker added. “This demonstrates the value of in-depth security reviews of up-coming specifications.”

The developing HTML5 standard, already embraced by many adult operators, continues to make progress towards ratification and is expected to be finalized in 2014.

Related:  

Copyright © 2026 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

opinion

A Creator's Guide to Starting the Year With Strong Financial Habits

Every January brings that familiar rush of new ideas and big goals. Creators feel ready to overhaul their content, commit to new posting schedules and jump on fresh opportunities.

Megan Stokes ·
opinion

Pornnhub's Jade Talks Trust and Community

If you’ve ever interacted with Jade at Pornhub, you already know one thing to be true: Whether you’re coordinating an event, confirming deliverables or simply trying to get an answer quickly, things move more smoothly when she’s involved. Emails get answered. Details are confirmed. Deadlines don’t drift. And through it all, her tone remains warm, friendly and grounded.

Women In Adult ·
opinion

Outlook 2026: Industry Execs Weigh In on Strategy, Monetization and Risk

The adult industry enters 2026 at a moment of concentrated change. Over the past year, the sector’s evolution has accelerated. Creators have become full-scale businesses, managing branding, compliance, distribution and community under intensifying competition. Studios and platforms are refining production and business models in response to pressures ranging from regulatory mandates to shifting consumer preferences.

Jackie Backman ·
opinion

How Platforms Can Tap AI to Moderate Content at Scale

Every day, billions of posts, images and videos are uploaded to platforms like Facebook, Instagram, TikTok and X. As social media has grown, so has the amount of content that must be reviewed — including hate speech, misinformation, deepfakes, violent material and coordinated manipulation campaigns.

Christoph Hermes ·
opinion

What DSA and GDPR Enforcement Means for Adult Platforms

Adult platforms have never been more visible to regulators than they are right now. For years, the industry operated in a gray zone: enormous traffic, massive data volume and minimal oversight. Those days are over.

Corey D. Silverstein ·
opinion

Making the Case for Network Tokens in Recurring Billing

A declined transaction isn’t just a technical error; it’s lost revenue you fought hard to earn. But here’s some good news for adult merchants: The same technology that helps the world’s largest subscription services smoothly process millions of monthly subscriptions is now available to you as well.

Jonathan Corona ·
opinion

Navigating Age Verification Laws Without Disrupting Revenue

With age verification laws now firmly in place across multiple markets, merchants are asking practical questions: How is this affecting traffic? What happens during onboarding? Which approaches are proving workable in real payment flows?

Cathy Beardsley ·
opinion

How Adult Businesses Can Navigate Global Compliance Demands

The internet has made the world feel small. Case in point: Adult websites based in the U.S. are now getting letters from regulators demanding compliance with foreign laws, even if they don’t operate in those countries. Meanwhile, some U.S. website operators dealing with the patchwork of state-level age verification laws have considered incorporating offshore in the hopes of avoiding these new obligations — but even operators with no physical presence in the U.S. have been sued or threatened with claims for not following state AV laws.

Larry Walters ·
opinion

Top Tips for Bulletproof Creator Management Contracts

The creator management business is booming. Every week, it seems, a new agency emerges, promising to turn creators into stars, automate their fan interactions or triple their revenue through “secret” social strategies. The reality? Many of these agencies are operating with contracts that wouldn’t survive a single serious dispute — if they even have contracts at all.

Corey D. Silverstein ·
opinion

Building Sustainable Revenue Without Opt-Out Cross-Sales

Over the past year, we’ve seen growing pushback from acquirers on merchants using opt-out cross-sales — also known as negative option offers. This has been especially noticeable in the U.S. In fact, one of our acquirers now declines new merchants during onboarding if an opt-out flow is detected. Existing merchants submitting new URLs with opt-out cross-sales are being asked to remove them.

Cathy Beardsley ·
Show More