- From: Aryeh Gregor <Simetrical+w3c@gmail.com>
- Date: Sun, 12 Sep 2010 20:14:02 -0400
On Thu, Sep 9, 2010 at 2:20 PM, zhao Matt <mattzhaoweb at gmail.com> wrote: > I saw the iframe element adds the attribute 'sandbox' in HTML5, which can > better protect users from malicious content. > so I want to know whether or not there are other changes,? HTML5 can > (partially) solve some vulnerabilities in HTML4 ? > thanks. HTML5 adds a huge number of features to HTML 4. All of them are designed with security in mind (hopefully), but most are not specifically security-related. CSP and STS are examples of two web standards that are being developed that are targeted at reducing existing security problems (STS is implemented in Firefox 4), but neither is part of HTML5. A list of significant changes from HTML 4 to HTML5 can be found here: http://dev.w3.org/html5/html4-differences/
Received on Sunday, 12 September 2010 17:14:02 UTC