Let's look at some cases. Case 1. Pirate.net has a page with an iframe from penzance.org. The penzance widget is willing to talk to anything, and so is...
... # Communication is restricted only to JSON text. JSON text allows exchange # of simple or complex data structures without the capability leakage that #...
David Hopwood
david.hopwood@...
Jul 10, 2007 10:06 pm
29
... exchange ... leakage that ... The parseJSON method is available at http://www.json.org/js.html It will be standard equipment in the next edition of...
... That's good. I still think that exchanging deep-copied objects directly would be more convenient. It also allows immutable objects to be shared between...
David Hopwood
david.hopwood@...
Jul 12, 2007 5:03 pm
31
... Exchange of strings between vats is safe because strings are immutable and do not carry capabilities to things like Object and Object.prototype. JSON...
... I see that even that page says: # To convert a JSON text into an object, use the eval() function. before pointing out why you shouldn't do that. It should...
David Hopwood
david.hopwood@...
Jul 13, 2007 1:48 am
33
... String, ... Congratulations on discovering a design flaw in JavaScript. Welcome to my world....
... Actually, I'd prefer to pass in a function that is given the opportunity to convert the value to one that does have a JSON representation. For example,...
I have three things to report that might be of interest to this mailing list. First, IBM Research has developed an approach called SMash whose goal is to ...
We have the Mashup, which is the most interesting innovation in programming in years. But as practiced in the web browser, it is insecure. There is a clear...
... That would be a good way to avoid the latency, if it works. Does anyone know what sort of functionality can be delivered that way? ... Tim Freeman Email:...
Tyler's "Bang Tutorial" <http://waterken.sourceforge.net/bang/> is the right place to start to understand the Javascript library used on the client to talk to...
The Waterken server is itself built in Joe-E and provides distributed capability-based interaction for Joe-E objects via an https/json based crypto capability...
The Waterken server itself can be downloaded from http://sourceforge.net/projects/waterken/ The core of the Javascript library that provides the API for...
JSLint.com contains an ADsafe feature. Its intent is to enforce a safe subset of JavaScript for use in ads and widgets. ADsafe requires no transformations. It...
... Bravo! It would be elegant and possibly easy to annotate each warning with a category where the categories are those listed in the options box below. A...
And Object.eval isn't present on all browsers, so it breaks the rules but I thought I'd mention it: (function () { var x = {}; var y = 'evaluate'.substring(0,...
... If I submit anything starting with: <!-- I get the error: Problem at line NaN character NaN: stack has no properties I suspect that the 'NaN's here are...
David Hopwood
david.hopwood@...
Sep 30, 2007 10:33 pm
48
(function () { var x = function () {}; var y = 'constructor'; var z = (x[y]); var w = z('alert("hi")'); w(); })(); cheers, mike...
Square brackets are clearly problematic, as they allow access to eval. I suggest you deny them entirely and (optionally) allow authors to use the ADSAFE API to...
... What is the rule that is being applied to: (function () { var y = 'constructor'; ({}[y])('alert("hi")')(); })(); that provokes an ADsafe restriction, when ...
David Hopwood
david.hopwood@...
Sep 30, 2007 11:33 pm
51
... This is a case where conciseness matters for the acceptability of the restriction, so I suggest something like: SET(foo, bar, GET(foo, bar) + 1); instead. ...
David Hopwood
david.hopwood@...
Sep 30, 2007 11:40 pm
52
Or you allow an idiom that first asserts that the index is safe ('number' === typeof i) && obj[<expr>] Where expression is allowed to be something that...
... Why is the ADSAFE object not first-class ("var a = ADSAFE;" fails)? That doesn't seem to be necessary for security. -- David Hopwood...
David Hopwood
david.hopwood@...
Oct 1, 2007 1:45 am
55
... Better: foo.set(bar, foo.get(bar) + 1); and undo the conflation of objects with arrays and dictionaries, by defining 'get' and 'set' only for the latter. ...