[whatwg] Sandboxing scripts in pages

Bjoern Hoehrmann derhoermi at gmx.net
Fri Jan 12 09:12:53 PST 2007

* James M Snell wrote:
>Whatever shape the mechanism ultimately takes, having a way of isolating
>scripts within a document would be extremely beneficial.

It would be helpful if you could first explain what pain you are trying
to solve and how your solution would solve it. For example, a malicious
script could create a new layer in the sandbox and position it so that
it is rendered on top of the rest of the document. Why wouldn't that be
a problem? Or, since the script in the sandbox apparently can execute
all other author-defined functions, what if the author of the host page
includes some scripting library that, say, provides indirect access to
document.cookie; a malicious script could then easily steal the cookie.

You naturally also cannot use <script> for the untrusted script as down-
level clients would ignore the <sandbox> and execute the script as fully
trusted one. I would say that including untrusted scripts in any way in-
to the context of your documents is a very bad idea no matter how you
try to restrict it. If you want your scripts and untrusted scripts to
communicate, that's best done through exchanging data instead of any
kind of execution sandbox.
Björn Höhrmann · mailto:bjoern at hoehrmann.de · http://bjoern.hoehrmann.de
Weinh. Str. 22 · Telefon: +49(0)621/4309674 · http://www.bjoernsworld.de
68309 Mannheim · PGP Pub. KeyID: 0xA4357E78 · http://www.websitedev.de/ 

More information about the whatwg mailing list