BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Topics

Choose your language

InfoQ Homepage News W3C Releases HTML 5.2 As Official Recommendation

W3C Releases HTML 5.2 As Official Recommendation

The W3C released the HTML 5.2 update to the HTML specification as an official recommendation on December 14, 2017. This update adds new features like the dialog element, deprecates old ones like the HTML plugins system, and integrates work from other W3C committees such as support for the Payments Request API and the Presentation API.

The new version of the specification adds key attributes to iframes for supporting new JavaScript APIs. It adds the allowpaymentrequest property to allow iframes to control access to the Payment Requests API. This means that pages embedding third party content will be able to control whether or not that content can request payment credentials from the user, allowing embeddable shopping cart tools to utilize the new API. Explaining the benefits of the Payment Requests API, Brendan Miller of Forrester said:

The new standard enables developers to create a streamlined checkout page where users can reuse stored payment and address information, making checkout faster and reducing typing errors.

The Payments Request API is available in Chrome, Edge, and Safari Technology Preview.

The HTML 5.2 specification also adds the allowpresentation property to allow iframes access to the Presentation API, allowing pages to embed third party presentations that have access to devices like projectors, attached monitors, and network-attached TVs. The Presentation API is a W3C candidate recommendation, and so far only available in Chrome.

The specification also pays increasing attention to security. It integrates multiple recommendations from the Content Security Policy Level 3 draft. The <link> now officially supports a nonce property, and <style> and <script> inline behavior can be blocked a priori by a Content Security Policy. These tools allow developers more flexibility in locking down what resources their web applications are allowed to load, mitigating the damage possible from cross-site scripting attacks. To learn how to begin using CSP to protect their applications, developers can find guides and documentation on MDM.

This version of the HTML specification provides official support for ES6 JavaScript Modules. Most browsers have already implemented this functionality, with support in Safari since version 10.1, Chrome since version 61, and Edge since version 16. Firefox provides support behind a feature flag.

HTML 5.2 is the second major revision to the HTML5 specification, following up on a 2014 W3C commitment to release revisions to the specification roughly once a year. It includes substantial cleanup and bug fixes, major security updates, integration of progress from other committees, and other work to keep the spec up to date with the way the web is being used in the wild. Developers wanting to see everything that has changed can consult the changelog published as a part of the specification.

Interested developers can read all about these changes and much more in the official HTML 5.2 recommendation. The committee has already started work on the HTML 5.3 specification, releasing a working draft at the same time as the HTML 5.2 recommendation was released.

Rate this Article

Adoption
Style

BT