Web Sandbox is a project from Microsoft Live Labs, a group focused on Internet technologies. It tries to solve a problem all web 2.0 sites have: Mashup security. Mashup is when you include a 3rd party script in your page, like for example maps - almost no effort to include on your website.
Web Sandbox is using a common technique called “virtualization”, so the javascript code instead of being executed directly in the browser is executed in the “sandbox” first. The sandbox runs in any modern browser: IE7/8, Firefox 2/3, Chrome, Opera.
It injects this layer between the html page (with css, javascript etc) and the browser. This virtualized layer transforms the code into an “executable” entity that will run in the sandbox. The sandbox then checks for security issues by running the javascripts.
The intercepting layer is inserted through a code transformation. By default this transformation executes server side. Alternatively, when Silverlight is installed, the transformation could also execute client-side, thus saving the round-trip to the server.
Check it out: http://websandbox.livelabs.com/
Related posts:
- Microsoft Web Sandbox Goes Open Source We talked before about Microsoft’s web sandbox here. Web Sandbox is...
- Security Best Practices For Developing Windows Azure Applications As businesses seek to cost-effectively consume IT services, interest is...
- Windows 7 Beta UAC Security Flaw Expert blogger Long Zheng blows the wistle on a security flaw in...
