Preventing Capability Leaks in Secure JavaScript Subsets

by Matthew Finifter , Joel Weinberger , Adam Barth
Citations:16 - 2 self

Active Bibliography

Acknowledgement – Joel Weinberger, Brian Carver, David Wagner, Devdatta Akhawe, Adam Barth, Juan Chen, Matthew Finifter, Ben Livshits, Prateek Saxena, Cole Schlesinger, Richard Shin, Dawn Song, Meredith Sue Willis, Andrew Weinberger For, Joel Howard, Willis Weinberger, Joel Howard, Willis Weinberger, Joel Howard, Willis Weinberger
1 Virtual Browser: a Virtualized Browser to Sandbox Third-party JavaScripts with Enhanced Security – Yinzhi Cao, Yan Chen, Zhichun Li, Vaibhav Rastogi, Xitao Wen
Flexible Access Control for JavaScript – Gregor Richards, Christian Hammer, Nardelli Suresh, Jagannathan Jan Vitek
55 Gatekeeper: Mostly static enforcement of security and reliability policies for JavaScript code – Benjamin Livshits, Salvatore Guarnieri - 2009
6 xJS: Practical XSS Prevention for Web Application Development – Elias Athanasopoulos, Antonis Krithinakis, Spyros Ligouras, Evangelos P. Markatos, Thomas Karagiannis
RETHINKING WEB PLATFORM EXTENSIBILITY – Mohan Dhawan - 2013
18 Object views: Fine-grained sharing in browsers – Leo A. Meyerovich, A. Porter Felt, Mark S. Miller, Google Inc - 2010
1 JavaScript in JavaScript (js.js): Sandboxing third-party scripts – Jeff Terrace, Stephen R. Beard, Naga Praveen, Kumar Katta
6 TreeHouse: JavaScript sandboxes to help web developers help themselves – Lon Ingram, Michael Walfish - 2012
38 Protecting Browsers from Extension Vulnerabilities – Adam Barth, Adrienne Porter Felt, Prateek Saxena, Aaron Boodman
16 Cross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense – Adam Barth, Joel Weinberger, Dawn Song
1 FOUNDATIONS OF WEB SCRIPT SECURITY – Aaron Bohannon - 2012
Toward Principled Browser Security РEdward Z. Yang, Deian Stefan, John Mitchell, David Mazi̬res, Petr Marchenko, Brad Karp
24 Object Capabilities and Isolation of Untrusted Web Applications – Sergio Maffeis, John C. Mitchell, Ankur Taly
Understanding and Defending against . . . – Alexander Nikolaevich Moshchuk - 2009
3 Securing Script-Based Extensibility in Web Browsers – Vladan Djeric, Ashvin Goel
4 FIRM: Capability-based Inline Mediation of Flash Behaviors – Zhou Li, Xiaofeng Wang
8 Privilege Separation for HTML5 Applications – Devdatta Akhawe, Prateek Saxena, Dawn Song - 2012
AdJail: Practical Enforcement of Confidentiality and Integrity Policies on Web Advertisements – Mike Ter, Louw Karthik, Thotta Ganesh, V. N. Venkatakrishnan - 2009