O'Reilly logo

Web Technology: Theory and Practice by M. Srinivasan

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

4.20 JAVASCRIPT SECURITY

A web browser is a complex piece of software, and JavaScript is a powerful scripting language. It is no surprise that the intersection between these elements will be far too complex. On the flip side, it offers potential security holes. However, there are certain precautions that the language itself tries to provide.

The window object allows a lot of control to the JavaScript programmer.

4.20.1 File Handling and Execution

JavaScript cannot read files from the file server (except for cookies). Similarly, it cannot write any file into the file system (except through server-side programs). Likewise, it cannot execute any program in the file system.

4.20.2 Same Origin Policy

This security policy applies to client-side scripting ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required