This security vulnerability appear to affect only HTML5 pages. One can contend it is a browser problem for now, but since we have a choice to use HTML5 or 4 in Freeway, how will this affect your designs?
If I understand the article, unless you are designing your website to
perform the exploit ON PURPOSE, whether we design with html5 or not makes
no difference.
I thought this was worth reading, from the comments:
There is a well-known (to developers) feature of HTML5 that is designed to
allow web applications to store data locally; it can be used for storing
parts of the app (so you don’t have to re-download them later), catalog
data, big images – whatever you want. Every browser has controls allowing
you to delete this data. The fact that it performs exactly that function is
hardly a bug. It’s arguable that various (among different browsers)
built-in size limits should be domain-specific rather than host-specific,
but this is really not a particularly earth-shattering distinction; using
additional domains to get access to more storage space doesn’t require much
more “cleverness” than using additional hostnames. I don’t know whether
Aboukhadijeh is an attention whore, or whether click-craving sites are so
desperate for traffic that they’ll post whatever sensational-sounding
“security” story they come across, regardless of whether they have the
slightest idea what it means. It’s sensationalist nonsense, either way.
–
Ernie Simpson
On Sun, Mar 3, 2013 at 10:27 PM, JDW email@hidden wrote:
This security vulnerability appear to affect only HTML5 pages. One can
contend it is a browser problem for now, but since we have a choice to use
HTML5 or 4 in Freeway, how will this affect your designs?