Caja and Genomics

46 views

Skip to first unread message

Mark S. Miller

unread,

Sep 22, 2015, 9:47:30 AM9/22/15

to Google Caja Discuss, Discussion of E and other capability languages

http://www.ncbi.nlm.nih.gov/pmc/articles/PMC4559604/

To address this vulnerability, we used a JavaScript sanitizing library called Caja [38], which allows third-party scripts to be executed by the same JavaScript runtime environment as the framework code, but in sandbox mode, with restrictions defined within the host script.