You are here: silicon.com > Resources > White Papers > Software and Web Development > Software Development Tools > Programming Languages

Programming Languages White Papers

Using Web Application Construction Frameworks to Protect Against Code Injection Attacks

Overview This paper proposes a simple to support, yet a powerful scheme for eliminating a wide range of script injection vulnerabilities in applications built on top of popular Ajax development frameworks such as the Dojo Toolkit, prototype.js, and AJAX.NET. Unlike other client-side runtime enforcement proposals, the approach it is advocating requires only minor browser modifications. This is because the proposal can be viewed as a natural finer-grained extension of the same-origin policy for JavaScript already supported by the majority of mainstream browsers, in which it treat individual user interface widgets as belonging to separate domains.

Further White Paper Details
Publisher	Association for Computing Machinery	File Format	PDF
Date Published	May 2007
Format	White Papers
Topics	Programming Languages, Software Engineering, Security Management

Did you find this white paper useful? 6 out of 8 users found this white paper useful

Google ready for Microsoft search face-off

The game is to work yourself as deep as possible in that natural work flow. This is an attempt by Google to dig deeper into the natural work flow of existing and future users," Berk said. Google developed its Deskbar by adapting a Microsoft API...

Channel:
WebWatch

Microsoft wins 'HTML application' patent

This relaxed security allows an HTML author to do things such as: read from a user's local computer; write to a user's local computer and perform scripting of frames between domains. Because HTML and scripting languages are run inside a web browser...

Channel:
Applications

Mozilla pays bug hunter $2,500 for Firefox flaw finds

The Mozilla Foundation has given $2,500 to a security researcher for discovering vulnerabilities in its free web browser. Microsoft also highlighted its cash-reward scheme for informants who help law enforcement agencies to convict virus writers.

Channel:
Security Strategy
Tags:
bugs,
firefox

BitTorrent gets Opera's support

We consider it a natural extension of other download mechanisms. Norwegian web browser company Opera has released a new test version of its software that supports the BitTorrent peer-to-peer technology, one of the most popular tools in the file...

Channel:
WebWatch
Tags:
bittorrent,
opera,
p2p

LiMo adds browser-based UI kit to arsenal

The mobile Linux company Movial officially joined the LiMo Foundation on Monday, bringing with it its toolkit for creating browser-based user interfaces. Movial's toolkit, the Browser D-Bus Bridge, will be open-sourced within the next 90 days...

RIM allows developers to spice up the BlackBerry

RIM is also promising the new tools will offer developers better functionality for their browser-based mobile applications, notably improved web-page rendering with Ajax, Javascript 1.5, CSS 2.1, DOM L2 and HTML 4.01, and support for downloading...

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Programming Languages White Papers

Using Web Application Construction Frameworks to Protect Against Code Injection Attacks

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific