| Publisher | Association for Computing Machinery | ||
|---|---|---|---|
| Format | 444.0KB PDF | Date added | 11 May 2007 |
| Topics | Programming Languages, Software Engineering, Security Management | ||
| Downloads | 41 | ||
This paper proposes a simple to support, yet a powerful scheme for eliminating a wide range of script injection vulnerabilities in applications built on top of popular Ajax development frameworks such as the Dojo Toolkit, prototype.js, and AJAX.NET. Unlike other client-side runtime enforcement proposals, the approach it is advocating requires only minor browser modifications. This is because the proposal can be viewed as a natural finer-grained extension of the same-origin policy for JavaScript already supported by the majority of mainstream browsers, in which it treat individual user interface widgets as belonging to separate domains.
Did you find this white paper useful?
26 out of 50 users found this white paper useful
Related white papers
Software Engineering Today - Best Practices & Patterns
This is the final webcast in the 15 part series ?Modern Software Development in .NET Using Visual Basic?. Developers shouldn?t miss this opportunity to examine the following topics with renowned...
Introducing Xomega for XML Object Modeling and Code Generation
XML-based Model Driven Development can be a simple, but very powerful alternative to the UML-based MDA and can result in significantly increased productivity, clean and robust designs and improved system...
Market-Leading Data-Modeling Tools: Research Report from the Burton Group
The Burton Group provides an in-depth research report on Market-Leading Data-Modeling Tools. According to their research, basic data modeling tools have become commoditized - basic features are yesterday's...
The Converging Paths of SQL Server and SharePoint - Don't Wait Until It's Too Late!
SharePoint and SQL server have much in common, and understanding their similarities will help you streamline your day-to-day tasks and help you work more efficiently. Do you know what those...
Supporting Employees Anytime, Anywhere
New business demands require a new approach to end-user support. This is leading organizations to a remote service delivery model that leverages the Web and Saas technology
The Pursuit of a Standardized Solution for Secure Enterprise RBAC
Each RBAC implementation varies in its capabilities and method of management. In a multi-platform environment, these differences introduce higher administration hours and costs because the various RBAC models are not...
Combining the Power of Rhapsody Model-Driven Development, UML and Hitex Tools to Streamline the Development of 8, 16, and 32 Bit Applications
Studies have shown that software is now the main bottleneck for most embedded systems projects. According to Embedded Market Forecasters, 56% of all embedded designs are behind schedule, and software...
