HTML5 Introduces New Security Threats!

BitsPlan

HTML5, the fifth standard of HTML released in 2014, is slowly becoming more prevalent across the internet as browsers adopt the new protocol and webpages are updated to make use of the new features. HTML is the technology at the basis of the internet, and acts as the structured content on webpages – text images (and now with HTML5 videos too) all appear in HTML code on a webpage. HTML5 attempts to bridge the gap left by old HTML standards, which failed to natively support multimedia and extensive API’s.   Two of these new features are CORS (Cross Origin Resource Sharing) and Local Storage.

CORS came about because developers felt restricted by the same-origin policy (an essential concept in web application security) and therefore felt a need to work around it. The same-origin policy (SOP) is used within web browsers to restrict access originating from one domain from accessing content originating from another. For example, say you have your banking information opened in one tab, and then you access another malicious website in another tab. The same-origin policy prevents that malicious website from making requests from your browser on your behalf (using AJAX calls made from scripts received from

Read more ... source: TheBitcoinNews

NO COMMENTS