Preventing Capability Leaks in Secure JavaScript Subsets
نویسندگان
چکیده
Publishers wish to sandbox third-party advertisements to protect themselves from malicious advertisements. One promising approach, used by ADsafe, Dojo Secure, and Jacaranda, sandboxes advertisements by statically verifying that their JavaScript conforms to a safe subset of the language. These systems blacklist known dangerous properties that would let advertisements escape the sandbox. Unfortunately, this approach does not prevent advertisements from accessing new methods added to the built-in prototype objects by the hosting page. In this paper, we show that onethird of the Alexa US Top 100 web sites would be exploitable by an ADsafe-verified advertisement. We propose an improved statically verified JavaScript subset that whitelists known-safe properties using namespaces. Our approach maintains the expressiveness and performance of static verification while improving security.
منابع مشابه
Cross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense
We identify a class of Web browser implementation vulnerabilities, cross-origin JavaScript capability leaks, which occur when the browser leaks a JavaScript pointer from one security origin to another. We devise an algorithm for detecting these vulnerabilities by monitoring the “points-to” relation of the JavaScript heap. Our algorithm finds a number of new vulnerabilities in the opensource Web...
متن کاملRun-Time Enforcement of Secure JavaScript Subsets
Web sites that incorporate untrusted content may usebrowseror language-based methods to keep such contentfrom maliciously altering pages, stealing sensitive infor-mation, or causing other harm. We use accepted meth-ods from the study of programming languages to inves-tigate language-based methods for filtering and rewritingJavaScript code, using Facebook FBJS as a motiva...
متن کاملReducing Human Factors in Software Security Architectures
In the recent past it has become clear that there are inherent problems with the security models of popular programming platforms such as Java, Android, and so forth. In this work we pinpoint sources of those problems, and explain the relative strengths and weaknesses of the security models for C/C++, Java, .NET, Android and JavaScript. As it turns out, many problems are caused by the fact that...
متن کاملDetection and Diagnosis of Memory Leaks in Web Applications
Memory leaks – the existence of unused memory on the heap of applications – result in low performance and may, in the worst case, cause applications to crash. The migration of application logic to the client side of modern web applications and the use of JavaScript as the main language for client-side development have made memory leaks in JavaScript an issue for web applications. Significant po...
متن کاملDetile: Fine-Grained Information Leak Detection in Script Engines
Memory disclosure attacks play an important role in the exploitation of memory corruption vulnerabilities. By analyzing recent research, we observe that bypasses of defensive solutions that enforce control-flow integrity or attempt to detect return-oriented programming require memory disclosure attacks as a fundamental first step. However, research lags behind in detecting such information leak...
متن کامل