We've previously announced the Caja project <http://code.google.com/p/google-caja/> on cap-talk, e-lang, and The Caplet Group list. Since then, in order to...
From an article in "SOA Advisor" titled "Enterprise Web 2.0, SOA Linkage: Will lack of standards be a hindrance?" by Srinivas Padmanabhuni of InfoSys. (If you...
The next step is to secure HTML fragments. JSLint has an HTML fragment option. When used with ADsafe, it will accept a <div> or <iframe> and its contents. It...
Caja is hereby open source under the Apache license 2.0. The Caja development site is at http://code.google.com/p/google-caja/ The initial draft design doc is...
Let's refer to a Javascript function that mentions 'this' as a Javascript method. When a Javascript method is called as a function, it's 'this' gets bound to...
I have relaxed the rules on words. $ and leading _ are permitted. A trailing __ is forbidden. This change makes ADsafe a subset of another safe JavaScript...
I have put more limitations on what is tolerated in HTML. I suspect there are more gremlins out there. I am worried about catch(name) clauses. The way that...
Special thanks to Mike Samuel. I owe you a late of shrimp. I am now disallowing the use of subscripting. In its place, I will be providing ADSAFE.get(object,...
Google Gears, a set of tools for offline Ajax applications, was introduced today at the Google Developer Day in San Jose. Gears is currently a browser plugin....
The Waterken server is itself built in Joe-E and provides distributed capability-based interaction for Joe-E objects via an https/json based crypto capability...
Tyler's "Bang Tutorial" <http://waterken.sourceforge.net/bang/> is the right place to start to understand the Javscript library used on the client to talk to...
We have the Mashup, which is the most interesting innovation in programming in years. But as practiced in the web browser, it is insecure. There is a clear...
I have three things to report that might be of interest to this mailing list. First, IBM Research has developed an approach called SMash whose goal is to ...
Let's look at some cases. Case 1. Pirate.net has a page with an iframe from penzance.org. The penzance widget is willing to talk to anything, and so is...
Posted on cap-talk. I will reply on cap-talk and forward my reply here as well. Further discussion of this should occur on cap-talk, but I'll forward here any...
So, someone created this group and subscribed me to it, which I do not object to, the idea is interesting. But I'm wondering who did that, and why? Cheers, ...
The protocol I spoke of is described here: (http://cap-lore.com/ CapTheory/Dist/Glass.html#introducer). It assumes two agents on the same platform and a...
A recent development in web application development is The Mashup. A mashup is a page that is obtaining data from multiple sources and producing a useful...
We now have two webvats, the HTML frame or iframe, and the Gears's worker pool. What we need next is a safe common way to let them communicate. I think that...
I quote from the MashupOS paper from Microsoft that Doug referred us to: There is either no trust across principals through complete isolation or full trust...
A coarse-grained solution requires some sort of containment vessel for the modules or widgets or gadgets or portlets, and a conduit system which provides for...
Norm here. ("fosdf" is nothing) The information at (http://www.onflex.org/ted/2006/11/tamarin-implications.php) is more than I had seen before. Nothing...
