Data Tainting

• Data tainting, an alternative to the Same Origin Policy, was experimentally implemented in NN3.0

• Data tainting allows access to private data (e.g., history[] array) but forbids “export” of this data over the Internet

• Both data and methods may be tainted

  • In principle one could selectively control access but in practice it never worked as too hard to “untaint”

• Tainting was extremely clumsy and has been disabled in NN4, in favor of signed scripts

Previous slide

Next slide

Back to first slide

View graphic version