Syllabus Point
- Investigate and explain the role of the World Wide Web Consortium ( W3C ) in the development of applications for the web
Including:
- Web Accessibility Initiative (WAI)
- internationalisation
- web security
- privacy
- machine-readable data
The W3C plays a crucial role in establishing web standards that promote accessibility, internationalisation, security and privacy. Understanding these standards and guidelines helps developers create web applications that serve diverse user populations and comply with international best practices.
Web Accessibility Initiative (WAI)
Web accessibility ensures that people with disabilities can access, navigate and interact with web applications.
Web Content Accessibility Guidelines (WCAG)
WCAG ensures website accessibility for people with various disabilities. This includes making content: perceivable, operable, understandable and robust across assistive technologies, like screen readers.
Accessibility compliance levels
- Level A (basic)
- Websites must be navigable via keyboard, and provide text alt for images
- Level AA (recommended)
- Ensures good contrast, captions for video and resizable text
- Level AAA (highest)
- Sign language interpretation, detailed audio descriptions
Good practices
- Semantic HTML for screen readers (e.g. <header><nav><button>)
- Provide alt text
- Interact without a mouse (keyboard navigation)
- ARIA roles
Internationalisation
Internationalisation (i18n) refers to designing web applications to support multiple languages, cultural norms and regional differences.
Good practices
- Use Unicode (UTF-8) for all characters
- Store text in external files to keep code separate from language-specific content
- Dynamic left-aligned and right-aligned text
- Dynamic date and currency formatting
Web security
Defines standards for secure web communication and authentication.
- Enforces practices for data encryption, user authentication, protection against vulnerabilities
Same-Origin Policy (SOP)
A security measure taken by web browsers to prevent one website from accessing resources of another website, unless both have the same origin (combination of protocol, domain, and port).
- Important for prevent XSS and CSRF
- Example: when browsing example.com, scripts on that page can't access resources form example2.com
- Limits interaction between different websites and protects user data
Same-Site concept
Attribute that extends the SOP to manage cookies' behaviour across different sites.
- Strict (only if request is from same site)
- Lax (cookies sent on safe HTTP methods, but not third party requests)
- None (sent with both cross site and same-site requests)
Cookies
- Allow websites to store small pieces of data on a user's device
Privacy
Privacy refers to how personal data is collected, used, stored and shared.
- Website must comply with privacy laws like GDPR and CCPA
- W3C has privacy standards and guidelines that developers can follow to respect users' privacy rights and comply with regulatory requirements
- Encourages transparency in data collection, cookie usage and user tracking
Privacy considerations for developers
- User consent
- Data encryption
- Minimal data collection
- Anonymisation
- Clear privacy policies
Machine-readable data
Machine readable data is structured data that computers can automatically process, which enables AI, automation and data integration across applications.
- Examples of machine readable data formats include JSON, XML, RDF
It is important to improve search engines, enhance AI and automation, and facilitate open data and APIs.
W3C Markup Validation Service
A free online tool provided by the W3C to check HTML is correct and valid, detect errors/non-compliance with W3C specifications and help developers create well-structured, error free and browser compatible web pages.
- Part of testing and evaluation – contributes to validity, accessibility and usability
Related Resources
Keep Progressing
Use the lesson navigation below to move through the module sequence.
