From Wikipedia, the free encyclopedia
Caja (pronounced "KAhah"[2]) is a
Google project for "virtual
iframes" based on the principles of object-capabilities. Caja takes
JavaScript, HTML, and CSS input and rewrites it into a safe
subset of HTML and CSS, plus a single JavaScript function with no
free variables. That means the only way such a function can modify
an object is if it is given a reference to the object by
the host page. Instead of giving direct references to DOM objects, the host page typically gives
references to wrappers that sanitize HTML, proxy URLs, and prevent redirecting
the page; this allows Caja to prevent certain phishing attacks, prevent cross-site scripting attacks, and
prevent downloading malware.
Also, since all rewritten programs run in the same frame, the host
page can allow one program to export an object reference to another
program; then inter-frame communication is simply method
invocation.
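The pattern described above, as an added example that is not Caja's rewriter output or API and not part of the original article: guest functions with no free variables receive only host-made wrappers, and one guest exports an object that another calls directly. The names `makeHostPage`, `makeTamedNode`, `guestCounter`, `guestWidget`, the proxy URL and the plain-object "page" are hypothetical, constructed so the sketch runs in Node without a browser.

```javascript
'use strict';
// Constructed stand-in for the host page's real DOM node and location.
function makeHostPage() {
  return { location: 'https://host.example/app', node: { text: '', href: '' } };
}

// Host-side wrapper: the only reference the guest receives. It closes over the
// real node, so the guest can never reach `page.location` or the raw node.
function makeTamedNode(page, proxyBase) {
  return Object.freeze({
    setText(s) {
      // Sanitize: markup characters are escaped, so the guest can only set text.
      page.node.text = String(s).replace(/[&<>"']/g, c => '&#' + c.charCodeAt(0) + ';');
    },
    setLink(url) {
      // Proxy: only http(s) URLs are accepted, and they are routed via the host.
      let u;
      try { u = new URL(String(url)); } catch { return false; }
      if (u.protocol !== 'http:' && u.protocol !== 'https:') return false;
      page.node.href = proxyBase + encodeURIComponent(u.href);
      return true;
    },
  });
}

// Guest programs: everything they can touch arrives through `caps`.
// (Caja's rewriter enforces "no free variables"; here it holds by construction.)
function guestCounter(caps) {
  let n = 0;
  // Exported capability: other guests may increment and read, nothing else.
  return Object.freeze({ increment() { n += 1; return n; }, read() { return n; } });
}
function guestWidget(caps) {
  caps.counter.increment(); // inter-program communication is a method call
  caps.node.setText('<b>clicks</b>: ' + caps.counter.read());
  return [caps.node.setLink('javascript:void(0)'),
          caps.node.setLink('https://example.org/a?b=1')];
}

function runDemo() {
  const page = makeHostPage();
  const counter = guestCounter({});
  const node = makeTamedNode(page, 'https://host.example/proxy?u=');
  const linkResults = guestWidget({ node, counter });
  return { page, linkResults, count: counter.read() };
}
```

The widget never holds `page` itself, so it has no way to change `page.location`; the host decides what authority exists by deciding which methods the wrapper has.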
The word "caja" is Spanish for "box" or "safe" (as in a bank),
the idea being that Caja can safely contain JavaScript programs as
well as being a capabilities-based
JavaScript.
Caja emulates ECMAScript 5 strict mode (called "Valija"
in the Caja documents) on top of a much smaller subset of
JavaScript, named "Cajita". Cajita removes all the parts of
JavaScript that are insecure or that make defensive programming
impractical, resulting in an object-capability language. Then
Valija simulates the parts that are incompatible with defensive
programming (such as monkey patching)
while maintaining isolation. Cajita is much faster than Valija and
more secure than JavaScript, but typically incompatible with
existing code.
Caja is being adopted by MySpace[3][4] and Yahoo!.[5]