Other Diversions

security

politics

religion

technology

news

friends

Science / Skepticism


Powered by MT Blogroll

Bookmooch!

Mooch/Give books at bookmooch.com

Current Reading List

Recently Read

Latest Music

Reading Queue

« Computer failure causes closure of Seattle downtown transit tunnel | Juxtaposition Home | URI vs. URL »

Caja: Capability model for javascript

This could be one of the coolest things to come along in a while.  I heard it mentioned at OWASP and then just found an article on Financial Cryptography about it as well.

FYI, wikipedia article on Capability-based security

Links » Caja: Capability Javascript

...rather than modify Javascript, we restrict it to a large subset. This means that a Caja program will run without modification on a standard Javascript interpreter - though it won’t be secure, of course! When it is compiled then, like CaPerl, the result is standard Javascript that enforces capability security. What does this mean? It means that Web apps can embed untrusted third party code without concern that it might compromise either the application’s or the user’s security.

Posted by on January 1, 2008 4:31 PM | |

TrackBack

TrackBack URL for this entry:
https://juxtaposition.axley.net/blog-bin/mt-tb.cgi/739

Post a comment

«« January 2008

Sun Mon Tue Wed Thu Fri Sat
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31    
Contact: Jason Axley

Search Amazon:

Amazon Logo

Search


Tag cloud

Archives by Category

Archives

Recent Posts

Subscribe to this blog's feed
[What is this?]
Powered by
Movable Type 3.34