documentation technical

technology software

English

__cf_bm

The domain 'www.w3.org' uses the non-profit oriented generic top-level domain (.org); it also runs on subdomain 'www'. The second-level label 'w3' is 2 characters long split between zero vowels and one consonant, plus 1 digit. Breaking it apart gives two words: w, 3. The median word length lands at 1 character. No strong language cues emerged from the frequency lists.

html/35/51/35512fe0-1cc0-4013-a479-9b3703f6f794_fallback.html.gz

Subresource Integrity

html/35/51/35512fe0-1cc0-4013-a479-9b3703f6f794.html.gz

frame-ancestors 'self' https://cms.w3.org/ https://cms-dev.w3.org/; upgrade-insecure-requests

7da8de4e6404cc4352f8a0256679c3cca39f84d3c0fc7c98d7eb9461adbf68f0

cac0fc1798020c602a4b862e98416a4a1fc4ad31508d2c7b170820c05498ac24

72ec1ec630e62caabe1621531f41a5131b6c7d8848b082b26db8599631adf60d

bd866ab726dd3b004e77ce82e6155a717b73d5aaf0707f017595aff1473c0f58

81bd814cfab6e6be40978c9d22f93472635040df12c51071f2a7e557a36474d8

https://www.w3.org/TR/2025/WD-sri-2-20250710/

https://w3c.github.io/webappsec-subresource-integrity/

https://www.w3.org/TR/2025/WD-sri-2-20250709/

https://www.w3.org/standards/history/sri-2/

https://wpt.fyi/results/subresource-integrity/

3.3.3
Get the strongest metadata from set

3.4
Verification of HTML document subresources

3.8.2
Should request be blocked by Integrity Policy

5.1
Non-secure contexts remain non-secure

width=device-width, initial-scale=1, shrink-to-fit=no

viewport

w3c-status

Bikeshed version 618007319, updated Thu Jun 26 17:23:55 2025 -0700

generator

revision

color-scheme

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

child-src https:  chrome-untrusted://new-tab-page/ chrome-untrusted://ntp-microsoft-auth/;connect-src chrome://resources chrome://theme 'self';default-src 'self';font-src chrome://resources 'self';img-src chrome://resources chrome://theme chrome://image chrome://favicon2 chrome://app-icon chrome://extension-icon chrome://fileicon blob: data: 'self';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources chrome://webui-test 'self';style-src chrome://resources chrome://theme 'self' 'unsafe-inline';trusted-types parse-html-subset sanitize-inner-html static-types webui-test-script webui-test-html polymer-html-literal polymer-template-event-attribute-policy lit-html-desktop;frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;worker-src blob: 'self';frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;frame-ancestors 'none';

base-uri 'none';child-src https:;form-action https://ogs.google.com https://*.corp.google.com;object-src 'none';script-src 'self' 'unsafe-inline' https:;frame-ancestors chrome://new-tab-page/

/* Boilerplate: script-dom-helper */
"use strict";
function query(sel) { return document.querySelector(sel); }

function queryAll(sel) { return [...document.querySelectorAll(sel)]; }

function iter(obj) {
	if(!obj) return [];
	var it = obj[Symbol.iterator];
	if(it) return it;
	return Object.entries(obj);
}

function mk(tagname, attrs, ...children) {
	const el = document.createElement(tagname);
	for(const [k,v] of iter(attrs)) {
		if(k.slice(0,3) == "_on") {
			const eventName = k.slice(3);
			el.addEventListener(eventName, v);
		} else if(k[0] == "_") {
			// property, not attribute
			el[k.slice(1)] = v;
		} else {
			if(v === false || v == null) {
        continue;
      } else if(v === true) {
        el.setAttribute(k, "");
        continue;
      } else {
  			el.setAttribute(k, v);
      }
		}
	}
	append(el, children);
	return el;
}

/* Create shortcuts for every known HTML element */
[
  "a",
  "abbr",
  "acronym",
  "address",
  "applet",
  "area",
  "article",
  "aside",
  "audio",
  "b",
  "base",
  "basefont",
  "bdo",
  "big",
  "blockquote",
  "body",
  "br",
  "button",
  "canvas",
  "caption",
  "center",
  "cite",
  "code",
  "col",
  "colgroup",
  "datalist",
  "dd",
  "del",
  "details",
  "dfn",
  "dialog",
  "div",
  "dl",
  "dt",
  "em",
  "embed",
  "fieldset",
  "figcaption",
  "figure",
  "font",
  "footer",
  "form",
  "frame",
  "frameset",
  "head",
  "header",
  "h1",
  "h2",
  "h3",
  "h4",
  "h5",
  "h6",
  "hr",
  "html",
  "i",
  "iframe",
  "img",
  "input",
  "ins",
  "kbd",
  "label",
  "legend",
  "li",
  "link",
  "main",
  "map",
  "mark",
  "meta",
  "meter",
  "nav",
  "nobr",
  "noscript",
  "object",
  "ol",
  "optgroup",
  "option",
  "output",
  "p",
  "param",
  "pre",
  "progress",
  "q",
  "s",
  "samp",
  "script",
  "section",
  "select",
  "small",
  "source",
  "span",
  "strike",
  "strong",
  "style",
  "sub",
  "summary",
  "sup",
  "table",
  "tbody",
  "td",
  "template",
  "textarea",
  "tfoot",
  "th",
  "thead",
  "time",
  "title",
  "tr",
  "u",
  "ul",
  "var",
  "video",
  "wbr",
  "xmp",
].forEach(tagname=>{
	mk[tagname] = (...args) => mk(tagname, ...args);
});

function* nodesFromChildList(children) {
	for(const child of children.flat(Infinity)) {
		if(child instanceof Node) {
			yield child;
		} else {
			yield new Text(child);
		}
	}
}
function append(el, ...children) {
	for(const child of nodesFromChildList(children)) {
		if(el instanceof Node) el.appendChild(child);
		else el.push(child);
	}
	return el;
}

function insertAfter(el, ...children) {
	for(const child of nodesFromChildList(children)) {
		el.parentNode.insertBefore(child, el.nextSibling);
	}
	return el;
}

function clearContents(el) {
	el.innerHTML = "";
	return el;
}

function parseHTML(markup) {
	if(markup.toLowerCase().trim().indexOf('<!doctype') === 0) {
		const doc = document.implementation.createHTMLDocument("");
		doc.documentElement.innerHTML = markup;
		return doc;
	} else {
		const el = mk.template({});
		el.innerHTML = markup;
		return el.content;
	}
}

/* Boilerplate: script-wpt */
"use strict";
{
let wptData = {
"paths": ["/subresource-integrity/"],
};

document.addEventListener("DOMContentLoaded", async ()=>{
    if(wptData.paths.length == 0) return;

    const runsUrl = "https://wpt.fyi/api/runs?label=master&label=stable&max-count=1&product=chrome&product=firefox&product=safari&product=edge";
    const runs = await (await fetch(runsUrl)).json();

    let testResults = [];
    for(const pathPrefix of wptData.paths) {
        const pathResults = await (await fetch("https://wpt.fyi/api/search", {
            method:"POST",
            headers:{
                "Content-Type":"application/json",
            },
            body: JSON.stringify({
                "run_ids": runs.map(x=>x.id),
                "query": {"path": pathPrefix},
            })
        })).json();
        testResults = testResults.concat(pathResults.results);
    }

    const browsers = runs.map(x=>({name:x.browser_name, version:x.browser_version, passes:0, total: 0}));
    const resultsFromPath = new Map(testResults.map(result=>{
        const testPath = result.test;
        const passes = result.legacy_status.map(x=>[x.passes, x.total]);
        return [testPath, passes];
    }));
    const seenTests = new Set();
    document.querySelectorAll(".wpt-name").forEach(nameEl=>{
        const passData = resultsFromPath.get("/" + nameEl.getAttribute("title"));
        if(!passData) {
            console.log("Couldn't find test in results:", nameEl);
            return
        }
        const numTests = passData[0][1];
        if(numTests > 1) {
            nameEl.insertAdjacentElement("beforeend",
                mk.small({}, ` (${numTests} tests)`));
        }
        if(passData == undefined) return;
        const resultsEl = mk.span({"class":"wpt-results"},
            ...passData.map((p,i) => mk.span(
            {
                "title": `${browsers[i].name} ${p[0]}/${p[1]}`,
                "class": "wpt-result",
                "style": `background: conic-gradient(forestgreen ${p[0]/p[1]*360}deg, darkred 0deg);`,
            })),
        );
        nameEl.insertAdjacentElement("afterend", resultsEl);

        // Only update the summary pass/total count if we haven't seen this
        // test before, to support authors listing the same test multiple times
        // in a spec.
        if (!seenTests.has(nameEl.getAttribute("title"))) {
            seenTests.add(nameEl.getAttribute("title"));
            passData.forEach((p,i) => {
                browsers[i].passes += p[0];
                browsers[i].total += p[1];
            });
        }
    });
    const overview = document.querySelector(".wpt-overview");
    if(overview) {
        overview.appendChild(mk.ul({}, ...browsers.map(formatWptResult)));
        document.head.appendChild(mk.style({},
            `.wpt-overview ul { display: flex; flex-flow: row wrap; gap: .2em; justify-content: start; list-style: none; padding: 0; margin: 0;}
             .wpt-overview li { padding: .25em 1em; color: black; text-align: center; }
             .wpt-overview img { height: 1.5em; height: max(1.5em, 32px); background: transparent; }
             .wpt-overview .browser { font-weight: bold; }
             .wpt-overview .passes-none { background: #e57373; }
             .wpt-overview .passes-hardly { background: #ffb74d; }
             .wpt-overview .passes-a-few { background: #ffd54f; }
             .wpt-overview .passes-half { background: #fff176; }
             .wpt-overview .passes-lots { background: #dce775; }
             .wpt-overview .passes-most { background: #aed581; }
             .wpt-overview .passes-all { background: #81c784; }`));
    }
});

function formatWptResult({name, version, passes, total}) {
    const passRate = passes/total;
    let passClass = "";
    if(passRate == 0)      passClass = "passes-none";
    else if(passRate < .2) passClass = "passes-hardly";
    else if(passRate < .4) passClass = "passes-a-few";
    else if(passRate < .6) passClass = "passes-half";
    else if(passRate < .8) passClass = "passes-lots";
    else if(passRate < 1)  passClass = "passes-most";
    else                   passClass = "passes-all";

    name = name[0].toUpperCase() + name.slice(1);
    const shortVersion = /^\d+/.exec(version);
    const icon = []

    if(name == "Chrome") icon.push(mk.img({alt:"", src:"https://wpt.fyi/static/chrome_64x64.png"}));
    if(name == "Edge") icon.push(mk.img({alt:"", src:"https://wpt.fyi/static/edge_64x64.png"}));
    if(name == "Safari") icon.push(mk.img({alt:"", src:"https://wpt.fyi/static/safari_64x64.png"}));
    if(name == "Firefox") icon.push(mk.img({alt:"", src:"https://wpt.fyi/static/firefox_64x64.png"}));

    return mk.li({"class":passClass},
        mk.nobr({'class':'browser'}, ...icon, ` ${name} ${shortVersion}`),
        mk.br(),
        mk.nobr({'class':'pass-rate'}, `${passes}/${total}`)
    );
}
}


✅ Low Risk - https://www.w3.org/TR/sri-2/

Requests	IP Address	Location	AS Autonomous System
6	104.18.23.19	Unknown	Unknown
1	104.18.22.19	Unknown	Unknown
1	216.239.36.21	Unknown	Unknown
1	216.239.34.21	Unknown	Unknown
1	216.239.38.21	Unknown	Unknown
1	216.239.32.21	Unknown	Unknown
1	2001:4860:4802:38::15	Unknown	Unknown
1	2001:4860:4802:36::15	Unknown	Unknown
1	2606:4700::6812:1713	Unknown	Unknown
1	2001:4860:4802:32::15	Unknown	Unknown
17	12	-	-

Security Scan Report: www.w3.org

Summary

AI Security Verdict

Moderate Risk

Risk Factors

Safety Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History