HTML5 Security Concerns Complicate Deployment Plans

Recent questions surrounding the security of HTML5 and 13 other new technologies currently under development have sparked demands to address these flaws before coding standards are ratified.

According to a report from the European Network and Information Security Agency entitled “A Security Analysis of Next Generation Web Standards,” portions of increasingly popular programs and applications, including browsers using the fledgling HTML5 standard — being adopted by many adult websites — pose security concerns.

The standards which govern the browser are currently undergoing a major upgrade.

For example, ENISA calls the web browser the most security-critical component in our information infrastructure and the channel through which most information passes — as such, it is seizing what it calls “a unique chance to make detailed recommendations for improvements to browser security before they become non-negotiable for years to come,” — attempting to influence the finalization of impending coding standards.

“The standards which govern the browser are currently undergoing a major upgrade,” ENISA notes. “This includes HTML5, cross-origin communication standards such as CORS and standards for access to local data such as geo-location.”

All together, details of 50 security threats and issues are identified in the report.

The report’s co-editor, Giles Hogben, says that many of these technical specifications are reaching “a point-of-no-return. For once, we have the opportunity to think deeply about security — before the standard is set in stone, rather than trying to patch it up afterwards. This is a unique opportunity to build in security-by-design.”

Some of the concerns noted in the report include formsubmission vulnerabilities and unauthorized access to sensitive information; problems with security policies; operating system permission management; “click-jacking;” and more.

“An important conclusion of this study is that significantly fewer security issues were found in those specifications which have already undergone detailed security review,” co-editor Marnix Dekker added. “This demonstrates the value of in-depth security reviews of up-coming specifications.”

The developing HTML5 standard, already embraced by many adult operators, continues to make progress towards ratification and is expected to be finalized in 2014.

Related:  

Copyright © 2026 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

profile

Ricci Levy on Standing Up for the Right to Be Heard

When Ricci Levy speaks about human rights, she does not use detached, academic language. She speaks with urgency, emotion and the kind of passion that immediately makes it clear just how deeply personal this work is for her.

Women In Adult ·
opinion

Lessons From Decades of Building the Adult Internet

After my first year of college, I needed a job. So I did what people did back then: I opened the newspaper and started scanning the classifieds. One listing stood out: “Image Librarian.” I had no idea what that meant, but I applied, and got the job.

Tanguy ·
opinion

How to Build a Cross-Border Payment Strategy

Pull up your analytics and you’ll likely find that international traffic is already on your site. Some of those visitors convert, but a lot more bounced at checkout — and a meaningful chunk tried to pay but were declined.

Jonathan Corona ·
opinion

The KPIs That Keep Payment Processing Humming While You're Away

I always look forward to the summer as my kids are home and I can plan little trips with them to reconnect and have some fun. If you’re like me, however, you probably never go on vacation without your laptop, so you can check in or lurk in the background to make sure all systems remain go.

Cathy Beardsley ·
opinion

What Utah's SB 73 Means for Compliance Requirements

Utah has once again positioned itself at the center of the national battle over online age verification and adult-content regulation.

Corey D. Silverstein ·
profile

Clips4Sale's Christy on Backing Creators and Fueling Growth

Understanding the industry from within goes beyond data. For Christy, Manager of Creator Experience at Clips4Sale, that insight is shaped by front-line conversations and years spent listening not just to trends, but to people.

Women In Adult ·
opinion

Breaking Down AI-Powered Moderation and Platform Safety

Adult platforms, including content sites, cam services and dating apps, consistently face a range of high-risk challenges. These include verifying consent, particularly for user-uploaded content, addressing nonconsensual material such as leaks and so-called revenge porn, and ensuring effective age verification and protection for minors. At the same time, platforms must manage content moderation at scale while addressing payment fraud, scams, harassment and user abuse.

Christoph Hermes ·
opinion

How to Optimize Subscription Billing for Compliance and Stability

The Federal Trade Commission’s “click to cancel” rule is coming back around. Last year, a federal appeals court vacated the FTC’s Negative Option Rule, aimed at addressing deceptive or unfair practices and making it easier for consumers to cancel online subscriptions.

Jonathan Corona ·
opinion

Key Strategies for Streamlining Payment Processing Approval

Why is it taking so long to get my account approved? It's frustrating for everyone involved, but it's all part of the process. Over the past year, timelines have stretched to 60 days or more for merchants to complete onboarding, from internal compliance review to banking partner approval and final card brand registration.

Cathy Beardsley ·
opinion

What to Know About Alabama's Regulatory Push on Adult Content

Over the past two years, Alabama has quietly but aggressively transformed itself into one of the most restrictive and unfriendly jurisdictions for the adult entertainment industry. Through the enactment of House Bill 164 and related enforcement mechanisms, the state has layered taxation, compliance burdens and content restrictions in a way that goes far beyond traditional regulation.

Corey D. Silverstein ·
Show More