... Attached is a rough first draft of a safe DOM wrapper. The main idea is that untrusted script views DOM nodes simply as integer handles. To read or mutate...
... It would be easy to make the handles opaque: var nodes = []; function handleToNode(handle) { return handle.__node__; } function nodeToHandle(node) { if...
David-Sarah Hopwood
david.hopwood@...
Jun 7, 2008 2:43 am
226
... I was slightly unclear here. Encapsulation of the underlying DOM node objects from the script is required; in the implementation I suggested, that is...
David-Sarah Hopwood
david.hopwood@...
Jun 7, 2008 2:57 am
227
... [...] ... [...] ... This will leak memory on IE (even after the nodes array has become unreferenced after leaving the page), because JScript's excuse for a...
David-Sarah Hopwood
david.hopwood@...
Jun 7, 2008 11:14 pm
228
I have been investigating an idea for a secure cross-site transport. It seems unlikely that no one has done anything like this before, but I can't find any...
Recently I have been working on a new project, dojox.secure, to add a secure mechanism to Dojo for loading and executing untrusted code and widgets, and I...
I am developing an Ajax library for ADsafe. It applies a capability discipline to the dom tree, blocking access to parents and siblings. It wraps collections...
I created a safe option in JSLint for checking the safe subset. The adsafe option assumes the safe option, and additionally checks for ADsafe widget...
On Fri, Jun 27, 2008 at 1:44 AM, Mario Heiderich ... Wow. No, we had no idea. I admit that I am shocked that the one tight encapsulation mechanism in...
Mark S. Miller
erights@...
Jun 27, 2008 4:03 pm
233
... Hi Brendan, I was completely unaware of this history and did indeed think that this was a newly opened hole. I'm very pleased to find that it isn't. I'm...
Mark S. Miller
erights@...
Jun 27, 2008 8:50 pm
234
... I reply-all'ed since Mark cc'ed me, but I was not a member of the caplet@yahoogroups.com list so the message bounced off that address. Here's the...
Is that the JavaScript equivalent of IE's expression(...) CSS extension? If so, I'm confused. If code is getting access to a raw HTMLElement or style object,...
... This is a Microsoft DOM method <http://msdn.microsoft.com/en-us/library/ms531196(VS.85).aspx> <http://www.webreference.com/js/tips/000719.html>. It's...
David-Sarah Hopwood
david.hopwood@...
Jul 17, 2008 3:30 pm
239
A sample ADsafe widget can be seen at http://www.adsafe.org/bats.html. It plays the game of Bats....
Not directly object-capability news, but very good news from an ocap perspective. ... From: Brendan Eich <brendan@...> Date: Wed, Aug 13, 2008 at 2:26...
Mark S. Miller
erights@...
Aug 13, 2008 9:43 pm
241
ADsafe will now accept subscripting expressions that use the + prefix, so koda[bosonda] can be written as koda[+bosonda] instead of as ADSAFE.get(koda,...
... I'm kind of late to this (just joined this group) but this just seems like a losing battle. Trusting that a host hasn't opened themselves up to an attack...
Of course the attack assumes that the host uses Prototype and also has an iframe on the page, but I imagine such cases aren't hard to find. There's also...
... the prototypes (of course this could simply be documented to be unsafe)? Also, the mozilla() fix function replaces value in existing slots, it doesn't seem...
... Understood. I think the situation may be a little different for me than for the ADsafe in general, since I am focused on a Dojo-specific impl of ADsafe....
... has an iframe on the ... several other ways you can ... vectors? I see you're ... that approach won't work ... I looked at the Mozilla array methods, and...
... Thanks, Marcel, that was really helpful. ADsafe's mozilla function is now conditioned on the existence of slots for concat, filter, map, reverse, slice,...
... These vulnerabilities were first pointed out by Jeff Walden and Eli Friedman, then interns at Mozilla, in August 2007. Jeff wrote back then in reply to...