[whatwg] Sandboxing scripts in pages
James M Snell
jasnell at gmail.com
Fri Jan 12 08:34:03 PST 2007
Hello,
I've recently been musing over some ideas around sandboxing scripts and
styles within a document [1]. The basic idea is to have some means of
isolating potentially untrustworthy scripts.
From my blog entry: "Scripts within the sandbox would only see the DOM
of the sandbox. Methods defined outside the sandbox would still be
accessible. External methods could return objects from outside the
sandbox."
The example I go on to give is this:
<html>
<body>
<script>
function getElement(id) {
return document.getElementById(id);
}
</script>
<sandbox id="a">
<div id="a1"></div>
<script>
// this will fail because b1 does not exist in sandbox a
document.getElementById('b1').innerHTML = "foo";
// this will succeed because getElement(id) can be called from within sandbox a
getElement('b1').innerHTML = "foo";
</script>
</sandbox>
<sandbox id="b">
<div id="b1"></div>
</sandbox>
</body>
</html>
The use of the sandbox tag is purely illustrative. As Asbjørn Ulsberg
points out in the comments on my entry, the same effect could be
achieved using either a new DOM and/or CSS property. For instance, we
could replace the <sandbox> with <div style="scripts:restricted"> (or
some variation thereof).
Whatever shape the mechanism ultimately takes, having a way of isolating
scripts within a document would be extremely beneficial.
Thoughts?
- James
[1] http://www.snellspace.com/wp/?p=582
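The following is an added example, not code from the post or from WHATWG: a small Node.js model of the proposed semantics, so the two lookups in the example above can actually be run. It uses a constructed stand-in for the DOM (makeNode, findInSubtree, buildDocument, runInSandbox and makeGetElement are names assumed here for illustration, not browser APIs), gives the sandboxed script a `document` whose getElementById only searches the sandbox subtree, and passes in the outside getElement(id) exactly as the post describes. It also exercises the caveat a practitioner would check: once an external method returns an object from outside the sandbox, the script can walk parentNode links from that object to the whole document.

```javascript
'use strict';
// Added example (not from the original post): a Node.js model of the
// proposed <sandbox> semantics on a tiny constructed DOM stand-in.
// makeNode, findInSubtree, buildDocument, runInSandbox and makeGetElement
// are illustrative names, not browser or WHATWG APIs.

// Minimal DOM-like node: tagName, id, innerHTML, children, parentNode.
function makeNode(tagName, id, children = []) {
  const node = { tagName, id, innerHTML: '', children, parentNode: null };
  for (const child of children) child.parentNode = node;
  return node;
}

// Depth-first id lookup restricted to `root` and its descendants.
function findInSubtree(root, id) {
  if (root.id === id) return root;
  for (const child of root.children) {
    const hit = findInSubtree(child, id);
    if (hit) return hit;
  }
  return null;
}

// The document from the post: <body> holding <sandbox id="a"> with <div id="a1">
// and <sandbox id="b"> with <div id="b1">. Constructed sample data.
function buildDocument() {
  const a1 = makeNode('div', 'a1');
  const b1 = makeNode('div', 'b1');
  const sandboxA = makeNode('sandbox', 'a', [a1]);
  const sandboxB = makeNode('sandbox', 'b', [b1]);
  const body = makeNode('body', null, [sandboxA, sandboxB]);
  return { body, sandboxA, sandboxB, a1, b1 };
}

// The outside world's getElement(id): searches the whole document.
function makeGetElement(body) {
  return (id) => findInSubtree(body, id);
}

// Run `code` as if it were a <script> inside `sandboxEl`: its `document`
// resolves ids only within the sandbox subtree, while `externals` supplies
// outside functions (the post's getElement) by name.
function runInSandbox(sandboxEl, externals, code) {
  const scopedDocument = {
    getElementById: (id) => findInSubtree(sandboxEl, id),
  };
  const names = Object.keys(externals);
  const fn = new Function('document', ...names, code);
  return fn(scopedDocument, ...names.map((n) => externals[n]));
}

// Replays the post's sandbox "a" script and reports what it could reach.
function demo() {
  const doc = buildDocument();
  const getElement = makeGetElement(doc.body);
  const results = runInSandbox(doc.sandboxA, { getElement }, `
    // Scoped document: b1 is not inside sandbox a, so this is null
    // (the post's version dereferences it and would throw at this point).
    const inside = document.getElementById('b1');
    // The external getElement(id) is callable and returns the real b1.
    const outside = getElement('b1');
    outside.innerHTML = 'foo';
    // Caveat: an outside object carries parentNode links, so the script can
    // walk from b1 up to <body>; the boundary is only as strong as what the
    // externals hand back.
    let top = outside;
    while (top.parentNode) top = top.parentNode;
    return { insideIsNull: inside === null, reachedTag: top.tagName };
  `);
  return { ...results, b1Html: doc.b1.innerHTML };
}

console.log(JSON.stringify(demo()));
```

Running it prints that the scoped lookup returned null, that b1's innerHTML was set through the external, and that the sandboxed script reached the body tag by walking parentNode from the returned element. The last result is the design point to keep in mind for any such mechanism: a subtree-scoped `document` restricts lookups, but every object an external method returns is a fresh reference into the outside tree unless it is wrapped or copied before being handed in.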