The HTML5 Web Storage standard was developed to allow sites to store larger amounts of data (like 5-10 MB) than was previously allowed by cookies (like 4KB).
localStorageis awesome because it’s supported in all modern browsers (Chrome, Firefox 3.5+, Safari 4+, IE 8+, etc.).
via Introducing the HTML5 Hard Disk Filler™ API » Feross.org.
Historically, the company has tried to do just this, but its success at influencing real Web developers has been limited; for all the emphasis placed on standards, many developers don’t, in practice, care about them.
Things I miss: most YouTube videos are Flash-based (although often if you find them embedded on a page, YouTube will provide an HTML5 version on the fly). HTML5 playback in addition is smoother than FLV videos ever were. There are fewer glitches, slowdowns, jitters and so forth.
Interesting read. I went without Flash for awhile a few years ago on when 64 bit was new on the linux box because I couldn’t get it to work and it became too much of a PITA and a waste of time to figure out. I hardly ever use YouTube however.
WebRTC is a free, open project that enables web browsers with Real-Time Communications (RTC) capabilities via simple Javascript APIs. The WebRTC components have been optimized to best serve this purpose.
Our mission: To enable rich, high quality, RTC applications to be developed in the browser via simple Javascript APIs and HTML5.
The WebRTC initiative is a project supported by Google, Mozilla and Opera. This page is maintained by the Google Chrome team.
via WebRTC.
And the latest current events surrounding WebRTC is this:
From: Hello Firefox, this is Chrome calling!
For the first time, Chrome and Firefox can “talk” to each other via WebRTC. WebRTC is a new set of technologies that brings clear crisp voice, sharp high-definition (HD) video and low-delay communication to the web browser.
The malicious JavaScript in question only served the exploit code to browsers whose language was either English (U.S.), Chinese (China), Chinese (Taiwan), Japanese, Korean, or Russian. Once the initial checks passed, the JavaScript proceeded to load an Adobe Flash file named “today.swf.” This file ultimately triggered a heap spray in IE and downloaded a file named “xsainfo.jpg.”
More details of the vulnerability are available at the CERT Knowledgebase ( VU#154201). Here’s the full technical description:
This may be a first. Bad webpage coding can often cause a browser to crash, but yesterday’s crash looks like something different: widespread crashing kicked off by a web service designed to help drive your browser.
Unlike Apple, Google doesn’t impose a Draconian policy on developers. Third-party rendering and JavaScript engines get the green light on any Android-based device, jailbroken or not. This means that Firefox is free to use its Gecko rendering engine, and Opera isn’t limited to a “mini” browser.
via Which Web Browser Should You Run On Your Android Device? : Web Browser Grand Prix: Android Circuit.
While the 1 percent share for Windows 8 is completely expected, it’s interesting to note that less than half of users have chosen to stick with the default IE10 browser: just 0.51 percent. Everyone else appears to be using Chrome, Firefox, or yet another browser.
via Windows XP Drops Below 40% Market Share, Windows 8 Passes 1%.
Now, a new study of online video viewing (via GigaOm) provides more evidence of how advances in media and networking technology reduce the patience of human beings. The researchers, Shunmuga Krishnan and Ramesh Sitaraman, studied a huge database from Akamai Technologies that documented 23 million video views by nearly seven million people. They found that people start abandoning a video in droves after a two second delay and that the abandonment rate increases 5.8 percent for every second of further delay:
If the user is logged in, then the image file loads successfully, which causes the executions of loggedIn. If the user is not logged in, then notLoggedIn is executed. The result is an ability to test easily and invisibly whether a visitor is logged in to a particular Web site that a Web developer does not have a relationship with. This login-detection technique, which leverages CSRF, can be applied to online banks, social networks, Web mail, and basically anything else useful to an attacker. The attacker behind http://coolwebsite/ just has to find the URLs that respond in a Boolean state with respect to login.
via The Web Won’t Be Safe or Secure until We Break It – ACM Queue.
Browser intranet hacking allows Web-site owners to access the private networks of their visitors, which are probably behind network firewalls, by using their browsers as a launch point. This attack technique is painfully simple and works equally well on enterprises and home users, exposing a whole new realm of data.