Basic HTML version of Foils prepared May 19 99

Foil 140 JavaScript Security Model

From Remarks on Internet and Java Security Basic Information Track Computational Science Course CPS616 -- Spring Semester 1999. by Geoffrey Fox, Mehmet Sen


1 JavaScript Security depends on the implementation of the browsers.
2 There are two security policies in JavaScript:
  • Same Origin Policy: Navigator version 2.0 and later automatically prevents scripts on one server from accessing properties of documents on a different server, including user session histories, directory structures etc..
  • Signed Script Policy: The JavaScript security model for signed scripts is based upon the Java security model for signed objects. The scripts you can sign are inline scripts (those that occur within the SCRIPT tag), event handlers, JavaScript entities, and separate JavaScript files.

in Table To:


© Northeast Parallel Architectures Center, Syracuse University, npac@npac.syr.edu

If you have any comments about this server, send e-mail to webmaster@npac.syr.edu.

Page produced by wwwfoil on Wed May 19 1999