Isolating JavaScript with Filters, Rewriting, and Wrappers

@inproceedings{Maffeis2009IsolatingJW,
  title={Isolating JavaScript with Filters, Rewriting, and Wrappers},
  author={Sergio Maffeis and John C. Mitchell and Ankur Taly},
  booktitle={ESORICS},
  year={2009}
}
We study methods that allow web sites to safely combine JavaScript from untrusted sources. If implemented properly, filters can prevent dangerous code from loading into the execution environment, while rewriting allows greater expressiveness by inserting run-time checks. Wrapping properties of the execution environment can prevent misuse without requiring changes to imported JavaScript. Using a formal semantics for the ECMA 262-3 standard language, we prove security properties of a subset of… CONTINUE READING
Highly Cited
This paper has 88 citations. REVIEW CITATIONS

From This Paper

Topics from this paper.

Citations

Publications citing this paper.

88 Citations

01020'11'13'15'17
Citations per Year
Semantic Scholar estimates that this publication has 88 citations based on the available data.

See our FAQ for additional information.

References

Publications referenced by this paper.
Showing 1-10 of 20 references

ECMAScript language specification. stardard ECMA-262, 3rd Edition

  • ECMA International
  • http://www.ecma-international.org/publications…
  • 1999
Highly Influential
4 Excerpts

Isolating JavaScript with filters, rewriting, and wrappers

  • S. Maffeis, J. C. Mitchell, A. Taly
  • Dep. of Computing, Imperial College London…
  • 2009
1 Excerpt

Recency types for dynamically-typed, object-based languages

  • P. Heidegger, P. Thiemann
  • Foundations of Object-Oriented Languages
  • 2009
1 Excerpt

Run-time enforcement of untrusted javascript subsets

  • S. Maffeis, J. C. Mitchell, A. Taly
  • In Web 2.0 Security & Privacy (W2SP),
  • 2009
1 Excerpt

ADsafe: Making JavaScript safe for advertising

  • Douglas Crockford
  • http://www. adsafe.org/,
  • 2008
1 Excerpt

Similar Papers

Loading similar papers…