Caja project

From Wikipedia, the free encyclopedia

Cajita

Paradigm	object-capability
Appeared in	2007
Designed by	Mark S. Miller
Developer	Google Inc.
Typing discipline	strong, dynamic
Major implementations	Caja project
Influenced by	E, ADsafe, JavaScript
Influenced	Jacaranda

Caja is a Google project for "virtual iframes" based on the principles of object-capabilities. Caja takes JavaScript, HTML, and CSS input and rewrites it into a safe subset of HTML and CSS, plus a single JavaScript function with no free variables. That means the only way such a function can modify an object is if it is given a reference to the object by the host page. Instead of giving direct references to DOM objects, the host page typically gives references to wrappers that sanitize HTML, proxy URLs, and prevent redirecting the page; this allows Caja to prevent certain phishing attacks, prevent cross-site scripting attacks, and prevent downloading malware. Also, since all rewritten programs run in the same frame, the host page can allow one program to export an object reference to another program; then inter-frame communication is simply method invocation.

The word "caja" is Spanish for “box” or "safe" (as in a bank), the idea being that Caja can safely contain JavaScript programs as well as being a capabilities-based JavaScript.

Caja emulates ECMAScript 5 strict mode (called "Valija" in the Caja documents) on top of a much smaller subset of JavaScript, named "Cajita". Cajita removes all the parts of JavaScript that are insecure or that make defensive programming impractical, resulting in an object-capability language. Then Valija simulates the parts that are incompatible with defensive programming (such as monkey patching) while maintaining isolation. Cajita is much faster than Valija and more secure than JavaScript, but typically incompatible with existing code.

Caja is being adopted by MySpace^[1][2] and Yahoo!.^[3]

[edit] References

[edit] See also

• Joe-E, an object-capability subset of Java
• ADsafe, a similar subset of Javascript
• E

[edit] External links

• Caja project
• Caja draft specification: "Safe active content in sanitized JavaScript", Mark S. Miller, Mike Samuel, Ben Laurie, Ihab Awad, Mike Stay
• Yahoo!/Google Caja Javascript Sandbox

v • d • e Object-capability security OS kernels NLTSS · KeyKOS · EROS · CapROS · Coyotos Programming languages Joule · E · Cajita Systems using capabilities CapDesk · Plash Specialised hardware Cambridge CAP Concepts Principle of least authority (POLA) · Confused deputy problem · Ambient authority · File descriptor · C-list · Capability-based security · Capability-based addressing

v • d • e ECMAScript   ECMAScript Dialects ActionScript · Caja · JavaScript / LiveScript · JScript · JavaScript OSA · JScript .NET · Objective-J · QtScript · WMLScript Render Engines InScript · JavaScriptCore (SquirrelFish)  · JScript · KJS · Futhark · Linear B · Narcissus · QtScript · Rhino · SpiderMonkey (TraceMonkey) · Tamarin · V8 Other Brendan Eich · Ecma International · SunSpider · DHTML Layout Engines   Application Framework JavaScript (client-side) Ample SDK · Clean AJAX · CougarXML · Dojo · Echo · Ext · jQuery · midori · MochiKit · MooTools · OpenLink AJAX · Prototype JavaScript · Pyjamas · qooxdoo · Rialto · Rico · script.aculo.us · SmartClient · SproutCore · Spry · Yahoo! UI Library · Google Web Toolkit (server-side) AppJet · Jaxer Others Others ActionScript: (PureMVC) Multiple Implementations Cappuccino (JavaScript / Objective-J)

v • d • e                   Google Inc.  [full navpage] Chairman/CEO: Eric E. Schmidt · Director/Technology President/Co-Founder: Sergey Brin · Director/Products President/Co-Founder: Larry Page Other Directors: John Doerr · John L. Hennessy · Arthur D. Levinson · Ann Mather · Paul Otellini · Ram Shriram · Shirley M. Tilghman · CFO: Patrick Pichette · Senior Advisor: Al Gore Advertising Ad Manager · Adscape · AdSense · Advertising Professionals · AdWords · Analytics · Checkout · DoubleClick Communication Alerts · Calendar · Friend Connect · Gmail (history · interface) · Groups · Gtalk · Latitude · Orkut · Q & A · Reader · Translate · Voice · Wave Software Chrome · Chrome OS · Desktop · Earth · Gadgets · Gmail Mobile · Pack · Picasa · PowerMeter · SketchUp · Talk · Toolbar · Updater · Urchin Platforms Account · Android · App Engine · Apps · Base · BigTable · Caja · Co-op · Gears · GFS · Health · Native Client · OpenSocial · Wave Development tools AJAX APIs · Code · Gadgets API · GData · Googlebot · Guice · GWS · Image Labeler · KML · MapReduce · Pinyin · SketchUp Ruby · Sitemaps · Summer of Code · TechTalks · Web Toolkit · Website Optimizer Publishing Blogger · Bookmarks · Docs · FeedBurner · iGoogle · Jaiku · Knol · Map Maker · Panoramio · Picasa Web Albums · Sites (JotSpot) · YouTube Search (PageRank) Appliance · Audio · Books (Library Project) · Code · Desktop · Finance · GOOG-411 · Images · Maps (Street View) · News · Patents · Products · Scholar · SearchWiki · Usenet · Video · Web Search · Analysis: Insights for Search · Trends · Webmaster guidelines Discontinued Answers · Browser Sync · Click-to-Call · Dodgeball · Joga Bonito · Lively · Mashup Editor · Notebook · Page Creator · Video Marketplace · Web Accelerator See also Acquisitions · Bomb · Censorship · Criticism · Foundation · Google China · Google.org · Googleplex · History · Hoaxes · I'm Feeling Lucky · I/O · Labs · Logo · Lunar X Prize · Products · Ventures · WiFi · Zeitgeist Annual revenue: US$21.80 billion (▲31% FY 2008) · Employees: 20,164 full-time (Mar. 31, 2009) · Stock symbol: (NASDAQ: GOOG, LSE: GGEA) · Motto: Don't be evil · Website: www.google.com