Open Web Docs

Frederik Braun � (@freddy@security.plumbing) 3.51K Posts, 566 Following, 1.34K Followers · 👨‍👩‍👧‍👦 Dad // 👨‍💻🛡️🦊 Security Engineer & Manager for Mozilla Firefox // ⛺🚴 Cyclist // 👨‍🎓👨‍🏫 co-founded CTF team fluxfingers in '07. // opinions are my own and I do not speak for my employer.

We've written a new guide on XS-Leaks:

https://developer.mozilla.org/en-US/docs/Web/Security/Attacks/XS-Leaks

Many thanks to @freddy, Hamish Willee, @MartinaKraus11, and @terjanq for your reviews and collaboration. #websecurity

Frederik Braun � (@freddy@security.plumbing) 3.51K Posts, 566 Following, 1.34K Followers · 👨‍👩‍👧‍👦 Dad // 👨‍💻🛡️🦊 Security Engineer & Manager for Mozilla Firefox // ⛺🚴 Cyclist // 👨‍🎓👨‍🏫 co-founded CTF team fluxfingers in '07. // opinions are my own and I do not speak for my employer.

We've written a new guide on XS-Leaks:

https://developer.mozilla.org/en-US/docs/Web/Security/Attacks/XS-Leaks

Many thanks to @freddy, Hamish Willee, @MartinaKraus11, and @terjanq for your reviews and collaboration. #websecurity

Launching the W3C Docs Community Group Open Web Docs supports web platform documentation for the benefit of web developers & designers worldwide. We are a community of web developers, standards makers, and technology companies that rely on this documentation as critical digital infrastructure, and we work cooperatively to ensure its long-term success and maintenance.

Launching the W3C Docs Community Group

https://openwebdocs.org/content/posts/w3c-docs-cg/

Barry Pollard (@tunetheweb@webperf.social) 637 Posts, 226 Following, 770 Followers · Web Performance Developer Advocate for Google Chrome helping to make the web go faster! All opinions my own.

Reducing the transport size of HTTP responses with a compression dictionary.

New MDN article written by @tunetheweb and reviewed by Will Bamberg.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Compression_dictionary_transport

W3C Docs CG

As presented at the W3C Breakouts Day last week, we're considering launching a W3C Documentation Community Group. A place for technical writers, specification authors, and web developers to meet and discuss docs with the goal of providing a better understanding of web technologies […]

Igalia (@igalia@floss.social) 597 Posts, 48 Following, 1.81K Followers · Igalia is an open source consultancy specialized in the development of innovative projects and solutions with desktop, mobile, and web technologies.

Thank you @igalia for renewing your Open Web Docs membership and sponsoring us again in 2025! 💜

Igalia has been sponsoring OWD for the 5th time already! Sustainable funding allows us to maintain documentation in the long-term.

Frederik Braun � (@freddy@security.plumbing) 3.34K Posts, 562 Following, 1.31K Followers · 👨‍👩‍👧‍👦 Dad // 👨‍💻🛡️🦊 Security Engineer & Manager for Mozilla Firefox // ⛺🚴 Cyclist // 👨‍🎓👨‍🏫 co-founded CTF team fluxfingers in '07. // opinions are my own and I do not speak for my employer.

We're continuing our journey through attacks and defenses on the web platform.

We've now written new documentation about Cross-Site Request Forgery (CSRF) attacks:

https://developer.mozilla.org/en-US/docs/Web/Security/Attacks/CSRF

Thank you @freddy for the reviews!

Andreu Botella :verified_enby: (@andreu@andreubotella.com) 189 Posts, 46 Following, 130 Followers · Browser engineer at @igalia@floss.social, currently working on layout on Chromium (Google Chrome), as well as on interoperability between browsers and server-side JS runtimes as a co-chair of WinterTC. I'm also: - A math/physics/linguistics geek. - Linux guy. - Atheist / secular humanist. - G(r)ay asexual, as well as aromantic. - Non-binary.

Thank you for becoming a monthly OWD supporter on our Open Collective, @andreu 💜

https://opencollective.com/open-web-docs

Tomorrow is W3C Breakouts Day! You can join online!

We're leading a session to talk about documentation for web technologies and whether we need a more regular place to discuss in form of a W3C Docs Community Group.

Session link […]

Bloomberg Backs Open Web Docs to Support High-Quality Web Platform Documentation for All

https://www.bloomberg.com/company/stories/bloomberg-backs-open-web-docs/

We're happy to announce that Bloomberg joins Open Web Docs!

“By supporting OWD, Bloomberg is investing in the long-term sustainability of the open web. We’re ensuring that developers have the tools they need to build, create, and maintain a healthy and accessible web for everyone.” says Alyssa […]

Jory and Florian stand on stage behind a podium (marked "FOSS backstage") with monitors on both sides of them reading "open web docs" and showing the first 2 rows of seating with some attendees watching.

Now at #FOSSBackstage: @jorydotcom & @floscholz double ack presenting the economics of @openwebdocs and about how documentation is critical digital infrastructure.

Street scene in Berlin - the yellow U-Bahn train in background on an elevated track over a brick building. Trucks and cars in foreground.

Good morning from Berlin, where #FOSSBackstage is kicking off! Looking forward to learning about what's "behind the scenes" with Open Source and supporting my friends @jorydotcom and @floscholz at their talk on the economics of @openwebdocs.

We consider web platform docs critical digital infrastructure and we're planning for more in 2025!

Thanks to everyone who has been part of our journey in 2024! Join us on our mission and become an OWD sponsoring organization in 2025!

In 2024, we identified missing reference pages for widely available features and created ~600 new pages on MDN Web Docs to fill this gap.

We also continued to play an essential maintainer role by reviewing pull requests for mdn/content and mdn/browser-compat-data.

In 2024, we joined the W3C Security Web Application Guidelines Community Group (SWAG CG).

We created and rewrote docs about XSS and CSP and will continue this work in 2025 to make sure we promote security best practices and help developers understand security threats and their mitigations.

In 2024, we cataloged web platform features, became a maintainer of the W3C WebDX https://github.com/web-platform-dx/web-features project, and made sure it syncs up nicely with browser-compat-data.

In 2024, thanks to an investment from @sovtechfund, we systematically collected compatibility data for 30 browser releases throughout the entire year. As a result, whenever browsers shipped new features, the data was already available on @mdn, caniuse.com, and other projects.

Open Web Docs Impact and Transparency Report 2024 Open Web Docs supports web platform documentation for the benefit of web developers & designers worldwide. We are a community of web developers, standards makers, and technology companies that rely on this documentation as critical digital infrastructure, and we work cooperatively to ensure its long-term success and maintenance.

Open Web Docs 2024 Report

We're reflecting on our fourth year of ensuring the long-term health of web platform documentation

https://openwebdocs.org/content/reports/2024/

FOSDEM 2025 - Tool the Docs

Find us at #fosdem2025 this weekend! @floscholz and @torgo will be in Brussels and are happy to chat about OWD!

Saturday: Tool the Docs room: https://fosdem.org/2025/schedule/track/docs/

Sunday: Funding the FOSS Ecosystem room: https://fosdem.org/2025/schedule/track/funding/

Cross-site scripting (XSS) - Security on the web | MDN A cross-site scripting (XSS) attack is one in which an attacker is able to get a target site to execute malicious code as though it was part of the website.

Learn about XSS for XMAS!

We created a new MDN page about Cross-site scripting: https://developer.mozilla.org/en-US/docs/Web/Security/Attacks/XSS

#websecurity