Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.



HTML5 talk on features and security for ConvergeSE 2010 in Columbia, SC

Jonathan LeBlanc

on 26 June 2010

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of convergese_html5

Local Storage HTML 5 Features and Security Jonathan LeBlanc
Technology Evangelist
Yahoo! Developer Network
Twitter:@jcleblanc Codec Wars - Ogg Theora vs H.264 http://youtube.com/html5 A new player - the WebM project (Google, Mozilla, and Opera)
Embed video and audio without third-party plugins! Render graphs, game graphics, or other visual images on the fly Canvas text may not be supported in your browser Shapes, paths, gradients, transformations JavaScript - now with a fine arts degree! Geolocation The Canvas Video and Audio
Control it all with JavaScript Guess who doesn't support it? Offline Web Applications Like a cookie (named key/value pairs), but for large amounts of data Websites can store data to retrieve later Currently a separate spec even though still under HTML5 How secure is it and who can read it? Sites define which files the need to work offline (HTML / JS / Images / Video and more!) Email, docs and web apps offline! When online, changes can be uploaded to the remote web server What data is being stored locally? Is it safe to do this? Can use IP, wireless connection, cell tower (phone), or dedicated GPS hardware Find your geographic location from the browser You must grant access for sites to use your location Locating me anywhere? Awesome right? for search boxes
for spinboxes
for sliders
for color pickers
for telephone numbers
for web addresses
for email addresses
for calendar date pickers
for months
for weeks
for timestamps
for precise, absolute date+time stamps
for local dates and times search:
Form Input Types Form Autofocus No JavaScript Needed
Consistent across all browsers
Good for power users and special needs
Unloaded site does not "help" by refocusing
Browser can offer method to turn this off

Implementations and specifications have to do a delicate dance together. You don’t want implementations to happen before the specification is finished, because people start depending on the details of implementations and that constrains the specification. However, you also don’t want the specification to be finished before there are implementations and author experience with those implementations, because you need the feedback. There is unavoidable tension here, but we just have to muddle on through.

- Robert O'Callahan http://ishtml5ready.com/ http://ishtml5readyyet.com/ http://www.miketaylr.com/code/input-type-attr.html How does your browser form support stack up? + + @font-face {
font-family: Delicious;
src: url('Delicious-Roman.otf');
} Custom Fonts So we're all good, right? Not really - IE does not play well with others

IE needs an .eot font ...
everyone else takes a .ttf or .otf font See the Paul Irish Solution http://paulirish.com/2009/
bulletproof-font-face-implementation-syntax/ Learning More This Presentation

WTF is HTML infographic

Dive into HTML5
http://diveintohtml5.org/ People you Should Follow Mark Pilgrim
Twitter: @diveintomark

Paul Irish
Twitter: @paul_irish Thank You! Questions? Cross-site Scripting (XSS) "User Agents must acquire permission through a user interface, unless they have prearranged trust
relationships with user"

"Some User Agents will have prearranged trust relationships that do not require such user
interfaces." Geolocation Spec Quotes Predators How do we secure our sites? Google Caja

Full transcript