SafeJS: Hermetic Sandboxing for JavaScript - Archive ouverte HAL Access content directly
Reports (Technical Report) Year : 2013

SafeJS: Hermetic Sandboxing for JavaScript

(1, 2) , (1) , (1)


Isolating programs is an important mechanism to support more secure applications. Isolating program in dynamic languages such as JavaScript is even more challenging since reflective operations can circumvent simple mechanisms that could protect program parts. In this article we present SafeJS, an approach and implementation that offers isolation based on separate sandboxes and control of information exchanged between them. In SafeJS, sandboxes based on web workers do not share any data. Data exchanged between sandboxes is solely based on strings. Using different policies, this infrastructure supports the isolation of the different scripts that usually populate web pages. A foreign component cannot modify the main DOM tree in unexpected manner. Our SafeJS implementation is currently being used in an industrial setting in the context of the Resilience FUI 12 project.
Fichier principal
Vignette du fichier
main.pdf (84.46 Ko) Télécharger le fichier
Origin : Files produced by the author(s)

Dates and versions

hal-00862099 , version 1 (16-09-2013)



Damien Cassou, Stéphane Ducasse, Nicolas Petton. SafeJS: Hermetic Sandboxing for JavaScript. [Technical Report] 2013, pp.7. ⟨hal-00862099⟩
209 View
338 Download



Gmail Facebook Twitter LinkedIn More