README
1.86 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
-------------------------------------------------------------------------------
DojoX Secure
-------------------------------------------------------------------------------
Version 0.1
Release date: 07/04/2008
-------------------------------------------------------------------------------
Project state:
alpha
-------------------------------------------------------------------------------
Project authors
Kris Zyp (kris@sitepen.com)
-------------------------------------------------------------------------------
Project description
DojoX Secure is a collection of tools for security, in particular for working with
untrusted data and code. The following tools are a part of DojoX Secure:
dojox.secure.capability - Object-capability JavaScript validation. This is
a validator to run before eval to ensure that a script can't access or modify
any objects outside of those specifically provided to it.
dojox.secure.sandbox - Provides support for loading web pages, JSON, and scripts
from other domains using XHR (and XHR plugins) with a safe subset library and
sandboxed access to the DOM.
dojox.secure.DOM - Provides a DOM facade that restricts access to
a specified subtree of the DOM. The DOM facade uses getters/setters
and lettables to emulate the DOM API.
dojox.secure.OAuth - Future project to provide an implementation of OAuth.
-------------------------------------------------------------------------------
Dependencies:
Dojo Core (package loader).
-------------------------------------------------------------------------------
Documentation
-------------------------------------------------------------------------------
Installation instructions
Grab the following from the Dojo SVN Repository:
http://svn.dojotoolkit.org/var/src/dojo/dojox/trunk/secure/*
Install into the following directory structure:
/dojox/secure/
...which should be at the same level as your Dojo checkout.