This paper introduces a method to control JavaScript execution. The aim is to prevent or modify inappropriate behaviour caused by e.g. malicious injected scripts or poorly designed third-party code. The approach is based on modifying the code so as to make it self-protecting: the protection mecha-nism (security policy) is embedded into the code itself and intercepts security relevant API calls. The challenges come from the nature of the JavaScript language: any variables in the scope of the program can be redefined, and code can be created and run on-the-fly. This creates potential problems, respectively, for tamper-proofing the protection mechanism, and for ensur-ing that no security relevant events bypass the protection. Unlike previous a...
The direct client-side inclusion of cross-origin JavaScript resources in Web applications is a perva...
In today s web applications, no one disputes the important role of JavaScript asa client-side progra...
Web applications are the most important gateway to the Internet. Billions of users are relying on th...
This paper introduces a method to control JavaScript execution. The aimis to prevent or modify inapp...
We present a method to intercept JavaScript built-in functions with security policies in order to co...
It is well recognized that JavaScript can be exploited to launch browser-based security attacks. We ...
Approaches for safe execution of JavaScript on web pages have been a topic of recent research intere...
Phung et al (ASIACCS’09) describe a method for wrapping built-in functions of JavaScript programs in...
JavaScript has become an intrinsic part of web applications. But it has a dynamic execution nature i...
The goal of this work was to apply lightweight formal methods to the study of the security of the Ja...
JavaScript drives the evolution of the web into a powerful application platform. Increasingly, web a...
Building secure web applications is notoriously difficult. The growing importance of JavaScript as a...
Securing JavaScript in the browser is an open and challenging problem. Code from pervasive third-par...
This thesis presents an innovative approach to implementing a security enforcement mechanism in the ...
Existing approaches to providing security for untrusted JavaScript include isolation of capabilities...
The direct client-side inclusion of cross-origin JavaScript resources in Web applications is a perva...
In today s web applications, no one disputes the important role of JavaScript asa client-side progra...
Web applications are the most important gateway to the Internet. Billions of users are relying on th...
This paper introduces a method to control JavaScript execution. The aimis to prevent or modify inapp...
We present a method to intercept JavaScript built-in functions with security policies in order to co...
It is well recognized that JavaScript can be exploited to launch browser-based security attacks. We ...
Approaches for safe execution of JavaScript on web pages have been a topic of recent research intere...
Phung et al (ASIACCS’09) describe a method for wrapping built-in functions of JavaScript programs in...
JavaScript has become an intrinsic part of web applications. But it has a dynamic execution nature i...
The goal of this work was to apply lightweight formal methods to the study of the security of the Ja...
JavaScript drives the evolution of the web into a powerful application platform. Increasingly, web a...
Building secure web applications is notoriously difficult. The growing importance of JavaScript as a...
Securing JavaScript in the browser is an open and challenging problem. Code from pervasive third-par...
This thesis presents an innovative approach to implementing a security enforcement mechanism in the ...
Existing approaches to providing security for untrusted JavaScript include isolation of capabilities...
The direct client-side inclusion of cross-origin JavaScript resources in Web applications is a perva...
In today s web applications, no one disputes the important role of JavaScript asa client-side progra...
Web applications are the most important gateway to the Internet. Billions of users are relying on th...