ADsafe, a limited java library

Talk about internet security, computer security, personal security, your social security number...
Post Reply
morganism
Senior Member
Posts: 116
Joined: Tue Nov 26, 2013 9:44 pm

ADsafe, a limited java library

Post by morganism » Sun Dec 11, 2016 8:56 pm

"ADsafe makes it safe to put guest code (such as third party scripted advertising or widgets) on a web page. ADsafe defines a subset of JavaScript that is powerful enough to allow guest code to perform valuable interactions, while at the same time preventing malicious or accidental damage or intrusion."

http://www.adsafe.org/

this doesn't appear to be aligned with adsafe media, but should be checked out....
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20130410 Firefox/23.0

barbaz
Senior Member
Posts: 9173
Joined: Sat Aug 03, 2013 5:45 pm

Re: ADsafe, a limited java library

Post by barbaz » Sun Dec 11, 2016 9:07 pm

*Always* check the changelogs BEFORE updating that important software!
-

User avatar
Thrawn
Senior Member
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:

Re: ADsafe, a limited java library

Post by Thrawn » Sun Dec 11, 2016 9:56 pm

Well, it can only be a good thing to put limits on what ad JavaScript can do, but I wouldn't put all my eggs in that basket...

https://www.trustwave.com/Resources/SpiderLabs-Blog/ModSecurity-XSS-Evasion-Challenge-Results/
https://www.google.com.au/search?q=mentaljs+bypass
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0

Post Reply