From Web Security
Revision as of 15:10, 8 December 2009 by Tclose (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
There are a number of other areas of HTML5 which need security review. For a simple example, I'm concerned about the sections of HTML5 which seem to imply that a IRI is shown to the user as some kind of validation of the link that is going to be followed. This is more problematic than usual when non-ASCII characters are allowed in URIs / IRIs / URLs. -- Larry Masinter 2009-12-08
Note discussion about IRIs and IDNs. See also: IDN_Spoofing discussion -- Thomas Roessler 2009-12-08