Limiting JavaScript usage in a multi-module web platform
KTH, School of Computer Science and Communication (CSC).
2014 (English). Independent thesis, Advanced level (degree of Master (Two Years)), 20 credits / 30 HE credits. Student thesis.
Abstract [en]

This report details our research done on web sandboxes with a focus on two different implementations, Google Caja and ADsafe, detailing their differences, their soundness, and their suitability for isolation of untrusted JavaScript in a specific multi-module web platform. The report also contains our results from implementing a prototype of a tool to automatically test an implementation of an ADsafe sandbox. We present our motivation for this research as the security issues with running non-isolated and unchecked JavaScript, and the specific risks related to Multisoft's Softadmin platform.

Abstract [sv] (translated to English)

Limiting JavaScript in a multi-module web platform

In this report we present our investigation of sandboxes for JavaScript. We focus on two implementations, Google Caja and ADsafe. In the report we present their advantages and disadvantages, how we can examine and demonstrate their security, and how well they suit as tools for isolating JavaScript in a specific multi-module web platform. We also present the results we arrived at after attempting to design and implement a tool that can automatically test an implementation of an ADsafe sandbox. Finally, we describe our motivation behind this report, the security risks that uncontrolled JavaScript brings with it and the specific risks in multi-module web platforms such as Multisoft's Softadmin platform.

National Category
Computer Science
URN: urn:nbn:se:kth:diva-155766
OAI: diva2:762845
Educational program
Master of Science - Computer Science
Available from: 2014-11-20. Created: 2014-11-13. Last updated: 2014-11-20. Bibliographically approved.

Open Access in DiVA

No full text
