JSand: Complete Client-Side Sandboxing of Third-Party JavaScript without Browser Modifications

Download Now
Provided by: Association for Computing Machinery
Topic: Security
Format: PDF
The inclusion of third-party scripts in web pages is a common practice. A recent study has shown that more than half of the alexa top 10 000 sites include scripts from more than 5 different origins. However, such script inclusions carry risks, as the included scripts operate with the privileges of the including website. The authors propose JSand, a server-driven but client-side Java-script sandboxing framework. JSand requires no browser modifications: the sandboxing framework is implemented in JavaScript and is delivered to the browser by the websites that use it.
Download Now

Find By Topic