Simon Willison's Weblog: dojoxsecurehttp://simonwillison.net/2008-09-24T16:08:56+00:00Simon WillisonSecure mashups with dojox.secure2008-09-24T16:08:56+00:002008-09-24T16:08:56+00:00https://simonwillison.net/2008/Sep/24/dojoxsecure/#atom-tag
<p><strong><a href="http://www.sitepen.com/blog/2008/08/01/secure-mashups-with-dojoxsecure/">Secure mashups with dojox.secure</a></strong></p>
dojox.secure is brilliant and terrifying at the same time. It provides a full featured API for running untrusted JavaScript in a sandbox, by parsing and validating that code against a variant of Douglas Crockford’s ADsafe JavaScript subset. It could be fantastically useful, but it’s difficult to judge how secure this approach really is.
<p><small></small>Via <a href="http://twitter.com/dylans/statuses/933059448">dylans on Twitter</a></small></p>
<p>Tags: <a href="https://simonwillison.net/tags/adsafe">adsafe</a>, <a href="https://simonwillison.net/tags/dojo">dojo</a>, <a href="https://simonwillison.net/tags/dojox">dojox</a>, <a href="https://simonwillison.net/tags/dojoxsecure">dojoxsecure</a>, <a href="https://simonwillison.net/tags/javascript">javascript</a>, <a href="https://simonwillison.net/tags/kriszyp">kriszyp</a>, <a href="https://simonwillison.net/tags/mashups">mashups</a>, <a href="https://simonwillison.net/tags/sandboxing">sandboxing</a>, <a href="https://simonwillison.net/tags/security">security</a></p>