Treehouse: Javascript Sandboxes to Help Web Developers Help Themselves

  title={Treehouse: Javascript Sandboxes to Help Web Developers Help Themselves},
  author={Lon Ingram and Michael Walfish},
  booktitle={USENIX Annual Technical Conference},
Many Web applications (meaning sites that employ JavaScript) incorporate third-party code and, for reasons rooted in today’s Web ecosystem, are vulnerable to bugs or malice in that code. Our goal is to give Web developers a mechanism that (a) contains included code, limiting (or eliminating) its influence as appropriate; and (b) is deployable today, or very shortly. While the goal of containment is far from new, the requirement of deployability leads us to a new design point, one that applies… CONTINUE READING
Highly Cited
This paper has 75 citations. REVIEW CITATIONS


Publications citing this paper.
Showing 1-10 of 31 extracted citations

Pivot: Fast, Synchronous Mashup Isolation Using Generator Chains

2014 IEEE Symposium on Security and Privacy • 2014
View 11 Excerpts
Highly Influenced

75 Citations

Citations per Year
Semantic Scholar estimates that this publication has 75 citations based on the available data.

See our FAQ for additional information.


Publications referenced by this paper.
Showing 1-10 of 43 references

Caja: Safe active content in sanitized JavaScript

M. S. Miller, M. Samuel, B. Laurie, I. Awad, M. Stay
View 4 Excerpts
Highly Influenced

IE8 and loosely-coupled

A. Zeigler
IE (LCIE), • 2008
View 3 Excerpts
Highly Influenced

Fourth-party calls: What you don’t know can hurt your site

J. Bixby
View 2 Excerpts

Towards Fine-Grained Access Control in JavaScript Contexts

2011 31st International Conference on Distributed Computing Systems • 2011
View 2 Excerpts