Securing Applications

Many methods are accepted as appropriate solutions for securing third-party application code within a container host. Two of these, Caja and ADSafe, accomplish this task in notably different ways.

Caja is a JavaScript compiler that rewrites any frontend code that is to be loaded into the container. During this rewrite process, insecure functionality will be stripped out and all code will be rewritten as “Caja-safe” code. When working in a Caja-defined container, the underlying application will have indirect access to the DOM of the parent container page, thereby allowing any requests to be secured as needed.
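The "indirect access to the DOM" idea can be sketched as a mediating facade that the guest application receives instead of real page nodes. This is an added illustration, not Caja's API or code from the book; the node model, `tame`, and both allowlists are hypothetical.

```javascript
// Constructed stand-in for DOM nodes so the sketch runs offline in Node.js.
function makeNode(tag, parent = null) {
  const node = { tag, parent, children: [], attrs: {}, text: '' };
  if (parent) parent.children.push(node);
  return node;
}

// Hypothetical container policy: what a guest application may create or set.
const ALLOWED_TAGS = new Set(['div', 'p', 'span']);
const ALLOWED_ATTRS = new Set(['class', 'title']);

// Wrap a raw node in a frozen facade. The raw node stays in the closure, so
// guest code can only reach the page through the methods defined here.
function tame(node, root) {
  return Object.freeze({
    getText: () => node.text,
    setText(value) { node.text = String(value); }, // kept as text, never parsed as markup
    setAttribute(name, value) {
      const key = String(name).toLowerCase();
      if (!ALLOWED_ATTRS.has(key)) throw new Error('blocked attribute: ' + key);
      node.attrs[key] = String(value);
    },
    appendChild(tag) {
      const t = String(tag).toLowerCase();
      if (!ALLOWED_TAGS.has(t)) throw new Error('blocked element: ' + t);
      return tame(makeNode(t, node), root);
    },
    // Walking upward stops at the application's own root element.
    parent: () => (node === root ? null : tame(node.parent, root)),
  });
}

// Run guest operations against a constructed page and report what was refused.
function demo() {
  const body = makeNode('body');
  const appRoot = makeNode('div', body);
  const app = tame(appRoot, appRoot); // the only object the guest code ever sees
  const refused = [];
  const attempt = (fn) => { try { fn(); } catch (e) { refused.push(e.message); } };
  attempt(() => app.appendChild('p').setText('hello'));
  attempt(() => app.appendChild('script'));
  attempt(() => app.setAttribute('onclick', 'x()'));
  return {
    refused,
    reachedContainer: app.parent() !== null,
    children: appRoot.children.map((c) => c.tag + ':' + c.text),
  };
}
```

Because every request passes through the facade, the container decides per call what is allowed, which is the property the paragraph above describes.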

ADSafe does not rewrite the application code, but rather works by stripping out any JavaScript functionality that is deemed to be insecure. This approach is less painful to work with than Caja’s complete rewriter, but it also doesn’t provide security as extensive as Caja’s.

We will discuss both of these topics in more depth in Chapter 8.
