The Website Specification
k1m
469 points
189 comments
May 31, 2026
Related Discussions
Found 5 related stories in 92.9ms across 9,043 title embeddings via pgvector HNSW
- A Forth-inspired language for writing websites speckx · 139 pts · May 22, 2026 · 47% similar
- The 49MB web page kermatt · 408 pts · March 15, 2026 · 46% similar
- Your website is not for you pumbaa · 247 pts · May 01, 2026 · 46% similar
- Design.md: A format spec for describing a visual identity to coding agents rbanffy · 33 pts · April 24, 2026 · 46% similar
- A sufficiently detailed spec is code dokdev · 11 pts · March 18, 2026 · 45% similar
Discussion Highlights (19 comments)
throwaw12
Looks interesting, can you convert it to a skill with bunch of scripts to validate those guidelines and use it to build the websites?
sinansaka
This is pretty cool, didnt even know of half the options under well-known urls. Thanks!
WA
.well-known/security is listed as a prominent example, but is not in the well-known category.
zophi
Hmm wondering how common some of these are ... I'd love /.well-known/change-password but it looks like https://news.ycombinator.com/.well-known/change-password and google.com/.well-known/change-password don't seem to be implemented?
incognitoninja
This seems good especially as beginner still face deep in the weeds of just the pure introductory functional concepts
cbm-vic-20
See also: https://www.iana.org/assignments/well-known-uris/well-known-...
franze
llms.txt is supported by 0 of the relevant ai providers and must be seen as harmful .. as the webmaster implemented something that they might thought has an impact (false sense of impact), but has zero so net gain negative i consider such lists harmful - a good website is one that supports the goal of the website providers and its desired users (some of these users might be bots) a bad website is a website that does everything for everyone just because
Latty
"Agent Readiness" will likely age as well as "Web 4.0 Blockchain Integration" has. (To be entirely clear, not because agents won't be a relevant thing, although certainly I have my doubts, but because I believe even if they are a relevant thing, requiring special allowances from sites undermines the whole point, and such things will only end up used by bad actors to mismatch what agents see to what humans see, and so will be intentionally ignored.)
selfhoster1312
This looks like slop from a slop factory. "SEO", "Agent-readiness". That's precisely what a good website doesn't do (to paraphrase the homepage). Oh yes, it's produced by a Wordpress "SEO" expert and private investor using Claude LLM. What a surprise. A man who built a fortune destroying the internet we loved with advertisement slop now working on destroying whatever's left with LLM slop.
baliex
What a great resource. As someone who’s been making websites for 30 years, it’s amazing to still be picking up some of the basics. Though to be fair many of these didn’t exist back then. I’ll be using this to add some extra tags to my pages. It looks like there are some features noted as “required” that are actually required by the spec (e.g. a title tag), and others that are required by opinion (e.g. https) so there’s an element^ of pragmatic best practice being recommended. I find it curious that setting a colour hint for the browser is recommended. I’m one for letting the browser look as vanilla as possible and letting my pages do the talking. ^Pun not intended, blink and you’ll miss it
mschuster91
I heavily assume this is at least partially AI generated... but I have to admit, this is actually useful (aka, human driven). Nice work.
pratikdeoghare
Having such a list is great. I am all for such lists. BUT Some people memorize these things. Take them too seriously. You are thought stupid if you don't know them. Somewhere someone then makes a story on Jira to verify that your product does all of these things and you have to convince them that we are fine without them or we don't need all of them etc.
tosti
I haven't seen this much bullshit in a long time. Can we just run a webserver, write the html and whatnot and call it a day? It's not like a webdev didn't have anything to do already.
Kwpolska
Let’s look at the Git history: https://github.com/jdevalk/specification.website/commits/mai... Yeah, mostly slop. I wonder why the slop slingers never disable Claude's self-attribution, and are too lazy to commit themselves, are they proud that they're delegating everything to a slop machine?
ItsABytecode
Some of this is pretty good stuff, but I hope standardizing on a 128 item checklist doesn't discourage people from making websites
knowmygpa
This would be a really great resource website in 2016. But right now, when AI can just spit out everything you have on website faster and in a more personalized way then i dont think that people would wanna use this much. Just my perspective, dont wanna be rude
_ache_
https://validator.w3.org/nu/?doc=https%3A%2F%2Fspecification... I don't get the goal of the website. It's averted as a specification, but to spec what ?! Everything is sourced to another "source of truth".
fmajid
I'd love best practices around, say, login forms, e.g.: - use standard input field names password managers recognize - disable autocompletion and autocapitalization on the login field - if it's an email, use the correct HTML5 input type - don't have a form with just a login email and force the user to click to enter the password - follow NIST SP 800-53, e.g. no SMS 2FA and no arbitrary password rotation and composition rules Or how many sites that have a form with only one input don't automatically focus on it.
todotask2
Some good parts, some bad practices, and a few missing pieces. I spent a lot of time auditing websites and brought all issues down to zero. Many web and SEO agencies have let technical debt build up over the years. I raised some issues to them, but didn’t hear back. After auditing a million websites, can we fix them? We could rebuild the web.