2010 May 6, 7:25
developers with all the functionality they need, and to protect our users' privacy at the same time."
2010 May 6, 7:22
"Caja allows websites to safely embed DHTML web applications from third parties, and enables rich interaction between the embedding page and the embedded applications. It uses an object-capability
security model to allow for a wide range of flexible security policies, so that the containing page can effectively control the embedded applications' use of user data and to allow gadgets to prevent
interference between gadgets' UI elements."
2010 May 6, 7:16
"Today web gadgets, mashup components, advertisements, and other 3rd party content on websites either run with full trust alongside your content or are isolated inside of IFrames. As a result, many
modern web applications are intrinsically insecure, often with unpredictable service quality. Live Labs Web Sandbox addresses this problem."
2010 May 6, 7:14
2010 Jan 26, 2:00
The sandbox attribute for the iframe element sounds like a big pit of issues. Includes a new mime type text/html-sandbox to put on content that shouldn't be rendered as html in browsers that don't
support the sandbox attribute.
2009 Dec 2, 2:52
Webkit just implemented this iframe element sandbox attribute.