The Definitive Guide to HTML5 Security
暫譯: HTML5安全性權威指南

HTML5 is fast becoming one of the most popular technologies for creating highly responsive and complex content-driven web applications today. With the introduction of new APIs such as Web Workers, Geolocation, Web Storage, WebSockets, Cross-Document Messaging and Application Cache, this technology has been adopted by many development teams to create applications that provide features previously only possible in thick-client applications. It is also one of the leading candidates for cross-platform mobile application development. This means that it is also one of the most popular targets for attack.

The addition of these complex and feature-rich APIs increases the potential attack surface of your applications, giving smart hackers more opportunities for reaching your private data. Although the W3C have given more consideration to security issues while defining the HTML5 standard than with previous HTML iterations, it is still very possible to introduce security flaws in your web applications with improper use of these APIs. The Definite Guide to HTML5 Security details these security and privacy flaws that arise due to the insecure implementation of the HTML5 APIs and provides methods to secure your applications and websites against them.

The Definitive Guide to HTML5 Security:

• Introduces you to the potent

ial security and privacy flaws that may occur due to insecure implementation of the various HTML5 APIs.

• Provides information that will help you make the right security decisions while designing and conceptualizing various application components.
• Provides detailed examples and walkthroughs, showing ways to implement these features securely.