Semantics and Security Issues in JavaScript
نویسندگان
چکیده
There is a plethora of research articles describing the deep semantics of JavaScript. Nevertheless, such articles are often difficult to grasp for readers not familiar with formal semantics. In this report, we propose a digest of the semantics of JavaScript centered around security concerns. This document proposes an overview of the JavaScript language and the misleading semantic points in its design. The first part of the document describes the main characteristics of the language itself. The second part presents how those characteristics can lead to problems. It finishes by showing some coding patterns to avoid certain traps and presents some ECMAScript 5 new features.
منابع مشابه
An Operational Semantics for JavaScript
We define a small-step operational semantics for the ECMAScript standard language corresponding to JavaScript, as a basis for analyzing security properties of web applications and mashups. The semantics is based on the language standard and a number of experiments with different implementations and browsers. Some basic properties of the semantics are proved, including a soundness theorem and a ...
متن کاملCross-Origin JavaScript Capability Leaks: Detection, Exploitation, and Defense
We identify a class of Web browser implementation vulnerabilities, cross-origin JavaScript capability leaks, which occur when the browser leaks a JavaScript pointer from one security origin to another. We devise an algorithm for detecting these vulnerabilities by monitoring the “points-to” relation of the JavaScript heap. Our algorithm finds a number of new vulnerabilities in the opensource Web...
متن کاملInformation Flow Control in WebKit's JavaScript Bytecode
Websites today routinely combine JavaScript from multiple sources, both trusted and untrusted. Hence, JavaScript security is of paramount importance. A specific interesting problem is information flow control (IFC) for JavaScript. In this paper, we develop, formalize and implement a dynamic IFC mechanism for the JavaScript engine of a production Web browser (specifically, Safari’s WebKit engine...
متن کاملType-based Dependency Analysis for JavaScript Technical Report
Dependency analysis is a program analysis that determinespotential data flow between program points. While it is not asecurity analysis per se, it is a viable basis for investigatingdata integrity, for ensuring confidentiality, and for guaran-teeing sanitization. A noninterference property can be statedand proved for the dependency analysis.We have designed and implement...
متن کاملSemantics-Preserving Dissection of JavaScript Exploits via Dynamic JS-Binary Analysis
JavaScript exploits impose a severe threat to computer security. Once a zero-day exploit is captured, it is critical to quickly pinpoint the JavaScript statements that uniquely characterize the exploit and the payload location in the exploit. However, the current diagnosis techniques are inadequate because they approach the problem either from a JavaScript perspective and fail to account for “i...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- CoRR
دوره abs/1212.2341 شماره
صفحات -
تاریخ انتشار 2012