A WebGL™ browser is a program designed not only to display basic HyperText Markup Language (HTML), JavaScript®, and cascading style sheet (CSS) documents that are online, but also to interpret the special subset of these specifications known as WebGL™. Technically, WebGL™ is not a stand-alone language but a graphics library that uses the canvas element of the browser rendering engine to create a bridge between WebGL™ code, graphics hardware and the browser. This gives a WebGL™ browser the ability to render advanced three-dimensional (3D) graphics much faster than would otherwise be possible using other types of plug-ins and more conveniently than when using separately compiled programs inside the browser. Nearly all the major web browsers support WebGL™ natively, although those browsers that do not implement native support generally have third-party plug-ins that expose the necessary HTML components. While a WebGL™ browser is capable of rendering 3D graphics quickly because of the direct access provided to a computer graphics card, this is also the source of potentially large security holes that could allow a malicious program to execute harmful code on a remote computer.
In essence, a WebGL™ browser contains code that specifically links the functions included in a graphics library in a way so they are accessible through JavaScript®. Under the HTML language standard version 5 (HTML5), there is a special element known as a canvas that can be used to draw directly to an area of a screen without having to use plug-ins, or to work with HTML or CSS tags that might not be as precise as required. Within a compliant WebGL™ browser, JavaScript® is bound to a low-level graphics library and draws directly to the HTML5 canvas element, providing a platform for graphics that can be pushed directly from a graphics card to a display device.
The libraries used are the OpenGL® embedded systems libraries (OpenGL ES®), which are a subset of the standard OpenGL® library functions designed to work with mobile devices. One reason why a WebGL™ browser is possible is the lightweight nature of the WebGL™ libraries, which do not consume large amounts of resources and do not contain some of the more processor-intensive functions of the full OpenGL® implementation. A recurring issue with a WebGL™ browser, however, is that the drivers and hardware on a computer or device must be capable of running an OpenGL ES® application. Some operating systems, devices, hardware and even drivers do not have the capabilities to run a WebGL™ program and also do not have an easy solution short of replacing the graphics hardware installed.
Major concerns with the safety and security of a WebGL™ browser have prevented some major browser developers from fully implementing support for WebGL™. This primarily comes down to the direct access that the browser provides to WebGL™ code. When used maliciously, the graphics card can be manipulated to cause damage via the host system or, in a worst-case scenario, can be used as a gateway to execute or plant harmful computer code.
