Object views: Fine-grained sharing in browsers
Venue
Proceedings of the International Conference on World Wide Web, World Wide Web Consortium (2010)
Publication Year
2010
Authors
Leo Meyerovich, Adrienne Felt, Mark S. Miller
BibTeX
Abstract
Browsers do not currently support the secure sharing of JavaScript objects between
principals. We present this problem as the need for object views, which are
consistent and controllable versions of objects. Multiple views can be made for the
same object and customized for the recipients. We implement object views with a
JavaScript library that wraps shared objects and interposes on all access attempts.
Developers can control the fine-grained behavior of objects with an aspect system
that accepts programmatic policies. The security challenge is to fully mediate
access to objects shared through a view and prevent privilege escalation. To
facilitate simple document sharing, we build a policy system for declaratively
defining policies for document object views. Notably, our document policy system
makes it possible to hide elements without breaking document structure invariants.
We discuss how object views can be deployed in two settings: same-origin sharing
with rewriting-based JavaScript isolation systems like Google Caja, and
inter-origin sharing between browser frames over a message-passing channel.
