How does a website display a mathematical formula? More importantly, how can we ensure that all browsers show it the same way?
MathML Core is a small subset of MathML 3, specifically crafted for web browsers. It addresses inconsistencies in mathematical rendering across different browser engines. Igalia has been actively working on improving MathML interoperability, aligning the implementations of Firefox, WebKit and Chromium with this standard.
From nested exponents to Arabic writing direction, this session will explore the process of going from a specification to a feature release. MathML's unique history makes the task particularly interesting, as it often required deprecating existing features or implementing significant changes.
WebViews are everywhere—but fragmented, inconsistent, and often invisible to web developers. Used for in-app browsers, hybrid apps, and MiniApps, WebViews form a significant part of the web platform that many developers unknowingly target. Some developers specifically build for WebViews in hybrid apps or MiniApps, while others create standard websites without realizing they'll run in WebView contexts with different behaviors and constraints.
Through initiatives like Baseline, CanIWebView, apps, and the WebView Community Group, we're working to map this fragmented landscape and identify paths forward. MiniApps that are very popular in some markets also show a very strong fragmentation and very little standardization. With collaboration and improvements between WebViews, MiniApps, PWA, new technologies like Isolated Web Apps or new engines like Servo there is good potential to improve the web in this space, but it's complicated.
The W3C WebView Community Group was formed to identify, understand, and reduce the issues arising from the use of software components (typically referred as WebViews) that are used to render Web technology-based content. As member and co-chair of the community group I'd like to give a little overview what WebViews are today, the work we've done to improve interoperability, and call to action to "fix things" in this overlooked but critical part of the web platform.
WebTransport is an upcoming protocol (standardized by the IETF) and Web API (standardized by the W3C) for bidirectional communication on the web. It provides multiplexed streams and unreliable datagrams on top of HTTP/3 and HTTP/2.
This talk explains how WebTransport works at the protocol level, how it maps to QUIC when run on top of HTTP/3, and how its capabilities differ from WebSocket. The session will also cover the current state of browser and server support, and where the ecosystem is heading next.
Web Components have become a bit of a divisive topic in the Web community in recent years. On the one hand you have platform advocates arguing Web Components are a boon to interoperability, can simplify tooling and distribution, and provide a common bed for experimentation and innovation. On the other hand, framework authors often complain that they complicate runtime code with special-cases and that Custom Elements are the wrong level of abstraction for framework components.
Lustre 1 - a frontend framework for the functional programming language Gleam [2] - is bucking this trend; quietly using Web Components as a core building block of its runtime. In this talk we'll explore how Lustre can lean harder into the platform by adopting a different idea of what "components" should be, and how this can end up benefit framework users too.
[2] https://gleam.run
This presentation provides a comprehensive status update on WebKitGTK and WPE, the Open Source ports of the WebKit Web rendering engine that Igalia maintains for Linux devices. These ports are currently being used in millions of devices (e.g. phones, set-top boxes, smart home appliances...), leveraging the flexible architecture of WebKit to provide HW-accelerated graphics and multimedia capabilities with a minimal resource footprint (e.g., memory, binary size).
We will begin by providing some context on what WebKit is and how WebKitGTK and WPE bring the power of the Web Platform to Linux-based devices and distributions. After that, we will summarize the current status of these ports, detailing the latest and most important highlights of the work done in the past year, followed by a description of what the new developments will be focused on during 2026.
The Linux ports have experienced huge changes recently, including a massive refactoring of its graphics pipeline, the development of a new API for embedded devices, dma-buf support for zero-copy buffer sharing, a complete revamp of its QA infrastructure, and even adding support for Android. With all this in mind, this session should be useful for anyone interested in creating Web-based products on Linux devices, understanding the current state of these ports, and seeing where development is headed next.
The Servo project, now hosted under Linux Foundation Europe, is a modern Rust-based rendering engine pushing forward safety, modularity and high-performance web rendering. After its early foundations at Mozilla and a couple of years of impasse, Servo entered a new chapter in 2023 when Igalia took over stewardship, ensuring long-term maintenance, open governance, and a clear technical direction for the project. The Servo community has continued to grow steadily since then.
In this talk we’ll review the recent evolution of the project together with the plans for the future. Apart from that, we’ll focus on the impact of this work in the whole web platform, by finding issues in specifications and improving them, reporting interop bugs, contributing new tests, etc.; showing that the development of new web engines benefits the whole ecosystem.
What does accessibility interoperability look like? This talk explores the edges of support between browsers, assistive tech, and specs.
Accessibility Compat Data: https://github.com/lolaslab/accessibility-compat-data
Modern web applications face a constant barrage of attacks targeting authenticated user sessions, including Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), clickjacking, Cross-Site Leaks (XS-Leaks), and even Spectre. Fortunately, recent advancements in web browser security provide developers with powerful tools to mitigate these threats. This talk delves into the latest web platform security features, equipping you with the knowledge to protect your applications. We'll explore CSP3, Trusted Types, Fetch Metadata headers, and COOP, demonstrating how these mechanisms can effectively thwart entire classes of web vulnerabilities.
File uploads are a ubiquitous and fundamental part of modern web applications. While simple at first, they become increasingly challenging as file sizes grow. Users expect reliable data transfers, even when uploading multi-gigabyte files over unreliable mobile networks.
Conventional file uploads over HTTP fail unrecoverably when the underlying connection is interrupted. Resumable uploads, on the other hand, allow an application to continue uploading a file exactly where it left off. This preserves previously transferred data and greatly improves the user experience.
Historically, resumable uploads were implemented in proprietary ways, with each application building its own solution. Developers couldn’t benefit from the advantages of resumable uploads without investing significant engineering effort.
In 2013, we started the tus project and created a free and open-source protocol for resumable uploads. The project and its community provide implementations for various client and server runtimes, making it easy today to add resumable uploads to any application.
In 2022, we began engaging with the HTTP Working Group at the IETF to make resumable uploads a standardized extension to HTTP. Our goal is to integrate resumable uploads directly into browsers, HTTP clients, servers, and proxies so that even more developers can easily benefit from their capabilities.
This talk explores the past and present of resumable uploads and how upcoming standards will help developers deliver exceptional file-upload experiences.
Additional links: - Tus homepage: https://tus.io/ - GitHub organization: https://github.com/tus - “Resumable Uploads for HTTP” Internet-Draft: https://datatracker.ietf.org/doc/draft-ietf-httpbis-resumable-upload/
In June 2025, researchers exposed a major tracking vulnerability - Local Mess, where Meta Pixel and Yandex Metrica scripts were exploiting localhost access to track millions of Android users across the web. This talk presents Local Network Access (LNA) standards and how it addresses similar threats and helps fix long standing security vulnerabilities with localhost and local network devices. The talk explains the LNA specification and how it categorizes network requests into public, local, and loopback address spaces, requiring explicit user permission when websites access more private network zones. The presentation covers Firefox's implementation, key differences from Chrome's approach, real-world deployment challenges and mitigations.
References: Local Mess - https://localmess.github.io/ Local Network Access Standard - https://wicg.github.io/local-network-access/ Local Network Standards Issues - https://github.com/WICG/local-network-access/issues/ Firefox Implementation Bug - https://bugzilla.mozilla.org/show_bug.cgi?id=1481298 List of long pending security vulnerabilities with localhost and local network - https://github.com/WICG/local-network-access/issues/21
About the Speaker Sunil Mayya is a software engineer on Mozilla's Firefox Networking team, and a core contributor to Firefox's implementation of the Local Network Access standard.
The WebAssembly (Wasm) 1.0 specification is a linear memory system suitable as a compiler target for static languages like C and Rust. However, the recently released Wasm 3.0 specification, which includes garbage collected reference type instructions, has opened the door to using all kinds of dynamic languages on the web. Wasm GC compilers already exist for languages such as Java, Scala, Kotlin, OCaml, and Scheme. However, the value of Wasm GC is often misunderstood! In this talk, I'll attempt to clear things up by examining the benefits and drawbacks of Wasm GC at present and how compiling to Wasm GC stacks up against compiling to JavaScript (or just using plain ol' Javascript). I'll conclude with a brief look at some proposals from the Wasm Community Group that could improve Wasm GC in the near future.
A large number of Linux applications have been developed over the years. Reusing them allows developers to reduce development costs, leverage well-established and battle-tested applications, and gain significant benefits by porting them to WebAssembly (Wasm). Migrating Linux applications to the browser as Wasm offers several advantages, such as: 1. Developing browser-based applications by reusing existing Linux libraries 2. Protecting client privacy and reducing server load by moving server-side Linux applications into the browser 3. Building browser-based systems that rely on Linux applications that are traditionally difficult to port (e.g., shells, compilers)
In this session, I will introduce elfconv, a binary translator that directly converts existing Linux binaries into Wasm without requiring their source code and provides a layer for emulating Linux system calls. This enables Linux applications that depend on system calls unavailable in Wasm (e.g., fork/exec) to run inside the browser. Furthermore, by performing ahead-of-time (AOT) translation, elfconv achieves dramatically lower overhead compared to CPU-emulator-based projects such as container2wasm and v86. Our evaluation on several benchmark tests shows that elfconv delivers approximately 30× to 70× higher performance. At the moment, the system call emulation layer in particular is still under development, but I believe that as elfconv matures, it will greatly expand the potential of the browser.
elfconv: https://github.com/yomaytk/elfconv container2wasm: https://github.com/container2wasm/container2wasm v86: https://github.com/copy/v86
The old Servo Streams implementation was relying on SpiderMonkey’s own stream implementation. In the latest SpiderMonkey versions, that stream implementation was removed, which prevented us from updating the version in Servo. So we reimplemented the Streams spec without the built-in SpiderMonkey implementation, and we ended up implementing WritableStream and TransformStream.
Servo repo: https://github.com/servo/servo
We will talk about how we are building the Midori browser, a lightweight, fast, secure browser that promotes privacy, is completely open source and free software, and at the same time we will talk about how we are building a pro-privacy ecosystem around Midori, including tools such as VPN, DNS, all without telemetry, without invasive advertising and, most importantly, all stored and hosted in the European Union to increase its technological independence.
When talking about CSS, we generally speak about how it’s super nice to have good looking websites, introduce a new feature and how to use it, etc.
But today, we’d like to speak about a feature that has been into the CSS specifications since 1998, and that we don’t talk about very often: CSS for print 🖨️.
During this talk, we’ll show how CSS can be used not to only create web pages, but also beautiful and structured paged documents. Interested in generating reports, invoices, tickets, or even slideshows? Take a look at which tools − except your favorite web browser − you can use to accomplish that, and why it’s very convenient in particular for automating documents generation.