Skip to main content

Home HTML5


HTML5 definition

HTML5 is the fifth and latest major version of the HTML standard. HTML, which stands for HyperText Markup Language, is the standard language used to create and present content on web pages.

HTML5 came about to improve the language with support for the latest multimedia while keeping it both easily readable by humans and consistently understood by computers and devices. It is a response to the web becoming more complex, with a growing need for web applications and richer multimedia elements.

See also: html-injection

HTML (older) vs HTML5

  • Structure HTML has a basic structure, primarily focused on structuring content, while HTML5 has an enhanced structure with additional semantic elements (e.g., article).
  • Multimedia. HTML requires third-party plugins (like Flash) to play audio and video. HTML5, on the other hand, supports audio and video tags without the need for plugins.
  • Graphics. HTML lacks native drawing capabilities and relies on external solutions, while HTML5 allows users to draw with the <canvas> element.
  • Storage. HTML relies on cookies for small amounts of data storage, while HTML5 has much better storage capabilities.
  • Connectivity. HTML has less efficient server communication, while HTML5 offers real-time server communication (e.g., WebSockets).
  • Device access. HTML has limited access to device-specific features, while HTML5 has much better access to device features (like geolocation).
  • Form controls. HTML has basic form input types, while HTML5 has new input times (e.g., ‘date’) for better user input.

HTML5 security concerns

  • Web storage. HTML5's local storage options can be targeted by attackers to store malicious scripts or to retrieve sensitive information.
  • GeoLocation API. If not properly managed, this can leak a user's physical location.
  • New features. Adding features like WebSockets, Web Workers, and the <canvas> element introduces new areas that might be exploited if not properly implemented.
  • Cross-origin requests. While HTML5 offers mechanisms for making requests to a different domain (CORS), misconfigurations can allow unwanted access.