The paper examines the new markup language for the design of web pages in view of the security level expected. The previous version of HTML, HTML 4.01, came in 1999. The web has changed a lot since then.
The main goal of its developers, was to propose and implement new features and commands until now obtained mainly through web-browser extensions . Although from the point of view of a developer or web designer these new features can be considered a big step forward in the evolution of the “web”, from the point of an InfoSec specialist these are at least questionable.
The purpose of this document is not to list the exact differences between HTML 5 and its predecessor, but will therefore shown those are the highlights of this comparison in a “security-oriented” perspective of users and applications.
The document is available for download in Italian.