Isolating and Restricting Client-Side JavaScript

Publication date: 2015-01-06

Author:

Van Acker, Steven

Abstract:

In today's web applications, no one disputes the important role of JavaScript as a client-side programming language. JavaScript can turn the Web into a lively, dynamic and interactive end-user experience. Unfortunately, JavaScript can also be used to steal sensitive information and abuse powerful functionality. Sloppy input validation can make a web application vulnerable, allowing malicious JavaScript code to leak into a web application's JavaScript execution environment, where it leads to unintended code execution.

An otherwise secure web application may intentionally include JavaScript from a third-party script provider. This script provider may in turn serve untrusted or even malicious JavaScript, leading to the intended execution of untrusted code.

In both the intended and unintended case, untrusted JavaScript ending up in the JavaScript execution environment of a trusted web application gains access to sensitive resources and powerful functionality. Web application security would be greatly improved if this untrusted JavaScript could be isolated and its access restricted.

In this work, we first investigate ways in which JavaScript code can leak into the browser, leading to unintended JavaScript execution. We find that, due to bad input validation, malicious JavaScript code can be injected into a JavaScript execution environment through both browser plugins and browser extensions.

Next, we review JavaScript sandboxing systems designed to isolate and restrict untrusted JavaScript code and divide them into three categories, discussing their advantages and disadvantages: JavaScript subsets and rewriting systems, JavaScript sandboxing through browser modifications and JavaScript sandboxing systems without browser modifications. We further research the last two categories, developing and evaluating a prototype of each.
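To make the third category concrete, the following is an added illustration (not code from the thesis or its prototypes) of a minimal sandbox that needs no browser modification: a Proxy placed in front of untrusted code with a `with` statement, so that every global name the third-party script touches is resolved against an allow-list instead of the real global object. The third-party script, the `log`/`pageTitle` API and the `document` access are all constructed for the example.

```javascript
'use strict';

// Build a scope object that claims ownership of every identifier, so that
// `with (scope) { ... }` never falls through to the real global scope.
function createSandbox(allowedApi) {
  const api = Object.freeze(Object.assign(Object.create(null), allowedApi));
  const denied = [];                       // names the untrusted code asked for and was refused
  const target = Object.create(null);      // must stay extensible for the `has` trap to claim names
  const scope = new Proxy(target, {
    has() { return true; },
    get(_t, name) {
      if (typeof name === 'symbol') return undefined;   // keeps @@unscopables / `with` semantics intact
      if (Object.prototype.hasOwnProperty.call(api, name)) return api[name];
      denied.push(String(name));
      throw new ReferenceError(`sandbox: access to '${String(name)}' is denied`);
    },
    set(_t, name) {
      throw new TypeError(`sandbox: cannot define '${String(name)}'`);
    },
  });
  return { scope, denied };
}

// Run untrusted source with only the allow-listed API reachable by name.
// `with` is only legal in sloppy mode; Function-constructor bodies are sloppy
// unless they opt in, so this works even though this file is strict.
// Caveat: this is a teaching sketch, not a complete sandbox (e.g. the
// prototype chain of allow-listed values is not isolated here).
function runSandboxed(untrustedSource, allowedApi) {
  const { scope, denied } = createSandbox(allowedApi);
  const runner = new Function('scope', `with (scope) { ${untrustedSource} }`);
  try {
    runner.call(scope, scope);   // bind `this` to the proxy too, not to globalThis
    return { ok: true, denied };
  } catch (err) {
    return { ok: false, error: String(err), denied };
  }
}

// Constructed stand-in for a third-party widget script: the first line uses
// the API it was given, the second reaches for the page's (simulated) cookies.
const thirdPartyScript = `
  log('widget loaded on ' + pageTitle);
  log(document.cookie);
`;

function demo() {
  const sink = [];
  const result = runSandboxed(thirdPartyScript, {
    log: (msg) => { sink.push(msg); },
    pageTitle: 'Example page',
  });
  return { sink, result };   // sink holds only the first log line; `document` is denied
}
```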