Monday, January 11, 2010

Section 2.9. JavaScript Security Restrictions

For security reasons, client-side JavaScript implementations typically impose restrictions on the tasks that scripts can perform. The most obvious restrictions are omissions of dangerous capabilities: there is no way for client-side JavaScript to delete files on a user's local hard disk, for example. Other restrictions exist to prevent the disclosure of private information or to keep scripts from annoying users. There is no standard set of security restrictions, but the following are restrictions found in typical browser implementations. Don't attempt to write scripts that do these things: even if they work for your browser, they probably won't work in others.

Same origin policy

Scripts can only read properties of windows and documents that were loaded from the same web server. This is a substantial and pervasive restriction on cross-window scripting, and prevents scripts from reading information from other unrelated documents that the user is viewing. This restriction also prevents scripts from registering event handlers or spoofing events on unrelated documents.

File uploads

Scripts cannot set the value property of the FileUpload form element.

Sending email and posting news

Scripts cannot submit forms to mailto: or news: URLs without user confirmation.

Closing windows

A script can only close browser windows that it created itself, unless it gets user confirmation.

Snooping in the cache

A script cannot load any about: URLs, such as about:cache.

Hidden windows and window decorations

A script cannot create small or offscreen windows or windows without a titlebar.

Note that this list of security restrictions is not static. As the use of JavaScript has grown, advertisers and unsavory characters have started doing annoying things with it. As a result, newer browsers, such as Mozilla 1.0, allow user-configurable security restrictions that can prevent scripts from opening new windows (such as pop-up ads), or from moving or resizing existing windows.
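
The same origin policy entry above speaks of documents "loaded from the same web server". In the web origin model (RFC 6454) that comparison is made on the scheme, host and port of each URL. The following is an added example, not part of the original text; the function names and sample URLs are constructed for illustration.

```javascript
// Added example: compare two URLs the way the web origin model (RFC 6454) does.
// All URLs below are constructed sample values.

// Return the (scheme, host, port) tuple for a URL, or null for opaque origins.
function originTuple(urlString) {
  const u = new URL(urlString);
  // Schemes such as file:, data: and about: have no network host; the URL
  // API reports their origin as the string "null" (an opaque origin).
  if (u.origin === "null") return null;
  const defaultPorts = { "http:": "80", "https:": "443" };
  return {
    scheme: u.protocol,
    host: u.hostname,
    // URL normalises a default port to "", so restore it for comparison.
    port: u.port || defaultPorts[u.protocol] || "",
  };
}

// Report whether a document at `a` and a document at `b` share an origin,
// and if not, which components of the origin differ.
function compareOrigins(a, b) {
  const oa = originTuple(a);
  const ob = originTuple(b);
  // An opaque origin never matches anything, not even itself.
  if (oa === null || ob === null) {
    return { sameOrigin: false, differs: ["opaque"] };
  }
  const differs = ["scheme", "host", "port"].filter((k) => oa[k] !== ob[k]);
  return { sameOrigin: differs.length === 0, differs };
}

const base = "http://www.example.com/dir/page.html";
const samples = [
  "http://www.example.com/other/page.html", // path is not part of the origin
  "http://www.example.com:80/page.html",    // explicit default port
  "https://www.example.com/page.html",      // different scheme (and port)
  "http://example.com/page.html",           // different host
  "http://www.example.com:8080/page.html",  // different port
  "file:///tmp/page.html",                  // opaque origin
];
for (const s of samples) {
  const r = compareOrigins(base, s);
  console.log(s, r.sameOrigin ? "same origin" : "blocked: " + r.differs.join(", "));
}
```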