dojox.secure

Authors: Kris Zyp
Developers:Kris Zyp
since:V1.2

Contents

DojoX Secure is a collection of tools for security, in particular for working with untrusted data and code.

Features

  • dojox.secure.sandbox

    Provides support for loading web pages, JSON, and scripts from other domains using XHR (and XHR plugins) with a safe subset library and sandboxed access to the DOM. Generally this is the only module that you will need to interact with if you are building secure mashups.

  • dojox.secure.capability

    Object-capability JavaScript validation. This is a validator to run before eval to ensure that a script can't access or modify any objects outside of those specifically provided to it.

  • dojox.secure.DOM

    Provides a DOM facade that restricts access to a specified subtree of the DOM. The DOM facade uses getters/setters and lettables to emulate the DOM API.