[whatwg] Sandboxing scripts in pages

Hello,

I've recently been musing over some ideas around sandboxing scripts and
styles within a document [1].  The basic idea is to have some means of
isolating potentially untrustworthy scripts.

  From my blog entry: "Scripts within the sandbox would only see the DOM
  of the sandbox. Methods defined outside the sandbox would still be
  accessible. External methods could return objects from outside the
  sandbox."

The example I go on to give is this:

  <html>
  <body>
    <script>
      function getElement(id) {
        return document.getElementById(id);
      }
    </script>

    <sandbox id="a">
      <div id="a1"></div>
      <script>
        // this will fail because b1 does not exist in sandbox a
        document.getElementById('b1').innerHTML = "foo";

        // this will succeed because getElement(id) can be called from
        // within sandbox a
        getElement('b1').innerHTML = "foo";
      </script>
    </sandbox>

    <sandbox id="b">
      <div id="b1"></div>
    </sandbox>
  </body>
  </html>

The use of the sandbox tag is purely illustrative.  As Asbjørn Ulsberg
points out in the comments on my entry, the same effect could be
achieved using either a new DOM and/or CSS property. For instance, we
could replace the <sandbox> with <div style="scripts:restricted"> (or
some variation thereof).

Whatever shape the mechanism ultimately takes, having a way of isolating
scripts within a document would be extremely beneficial.

Thoughts?

- James

[1] http://www.snellspace.com/wp/?p=582

Received on Friday, 12 January 2007 08:34:03 UTC
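The visibility rules James describes (a sandboxed script sees only its own subtree through `document`, but may call host-page functions that see everything), modelled as an added example that is not part of the original post or of any browser implementation; `<sandbox>` is not a real element, so the example stands in a constructed miniature DOM tree and a `scopedDocument` facade, both assumptions of this illustration.

```javascript
// Minimal constructed stand-in for a DOM tree: each node has an id and children.
function makeNode(id, children = []) {
  return { id, children, innerHTML: "" };
}

// Depth-first lookup by id within a subtree (constructed helper, not a DOM API).
function findById(root, id) {
  if (root.id === id) return root;
  for (const child of root.children) {
    const hit = findById(child, id);
    if (hit) return hit;
  }
  return null;
}

// Build the document from the email: two sandboxes, each holding one div.
const sandboxA = makeNode("a", [makeNode("a1")]);
const sandboxB = makeNode("b", [makeNode("b1")]);
const document = makeNode(null, [sandboxA, sandboxB]);

// Host-page function defined outside any sandbox; it sees the whole document.
function getElement(id) {
  return findById(document, id);
}

// A document facade scoped to one sandbox: lookups only search that subtree.
function scopedDocument(sandboxRoot) {
  return { getElementById: (id) => findById(sandboxRoot, id) };
}

// Run a script body inside a sandbox: `document` is rebound to the scoped
// facade, while host functions passed in explicitly remain callable.
function runInSandbox(sandboxRoot, scriptBody, exposed) {
  const names = Object.keys(exposed);
  const fn = new Function("document", ...names, scriptBody);
  return fn(scopedDocument(sandboxRoot), ...names.map((n) => exposed[n]));
}

// The script from the email, adapted to return what each lookup produced.
function demo() {
  return runInSandbox(
    sandboxA,
    `const direct = document.getElementById('b1');   // null: b1 is outside sandbox a
     const viaHost = getElement('b1');                // host function sees the whole document
     if (viaHost) viaHost.innerHTML = 'foo';
     return { direct, viaHostId: viaHost && viaHost.id, viaHostHTML: viaHost && viaHost.innerHTML };`,
    { getElement }
  );
}
```

Rebinding `document` this way only models the intended visibility rules; it is not an isolation boundary, since the sandboxed body still runs with the host page's full privileges.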