A user's and programmer's view of the new JavaScript security model

Authors:
Vinod Anupam;David M. Kristol;Alain Mayer
Affiliations:
Bell Laboratories, Lucent Technologies, Murray Hill, NJ;Bell Laboratories, Lucent Technologies, Murray Hill, NJ;Bell Laboratories, Lucent Technologies, Murray Hill, NJ
Venue:
USITS'99 Proceedings of the 2nd conference on USENIX Symposium on Internet Technologies and Systems - Volume 2
Year:
1999

Citing 5
Cited 0

Learning VBScript

Learning VBScript
User-centered security

NSPW '96 Proceedings of the 1996 workshop on New security paradigms
JavaScript: The Definitive Guide

JavaScript: The Definitive Guide
Secure Web Scripting

IEEE Internet Computing
Security of web browser scripting languages: vulnerabilities, attacks, and remedies

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we introduce a new security model for JavaScript in Mozilla, as well as its programming interface. We present important concepts via examples from electronic commerce applications. We also describe our experience of implementing the model in the publicly available Mozilla source code. This model is likely to be integrated into Navigator 5.0, which, as of this writing, is scheduled to be released in late fall, 1999.