JavaScript Sandboxes
After presenting an entire chapter on the dangers inherent to running untrusted JavaScript, it would seem bizarre that Web sites would so strongly embrace that very thing. Large Web sites want to tackle the problem of attracting and keeping users. Security, though important, will not be an impediment to innovation when money is on the line.
Web sites compete with each other to offer more dynamic content and offer APIs to develop third-party “weblets” or small browser-based applications that fit within the main site. Third-party applications are a smart way to attract more users and developers to a Web site, turning the site itself into a platform for collecting information and, in the end, making money in one of the few ...
Get Seven Deadliest Web Application Attacks now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.