Carsten Eilers for CTOvision

Carsten Eilers, author of ‘HTML5 Security’ recently did a guest post for CTOvision regarding his chosen subject topic : HTML5 Security.

“HTML5 brings new opportunities – for developers and for attackers.

Here you will see two examples of how an attacker could abuse HTML5 and how you as a developer could prevent this (or not).

These are only two of many new or improved attacks on web clients. I chose them for two reasons: the first is a new attack, first described in December 2011 and not widely known to developers. The second shows a misuse of new HTML5 functionalities which have often has been overlooked.”