[WEB SECURITY] experiences with third-party web widgets

Bil Corry bil at corry.biz
Mon Jul 5 11:31:13 EDT 2010


Jeremiah Grossman wrote on 7/1/2010 1:36 PM: 
> Using a recent post blog post [1] as context, I'm curious to hear
> experiences from others within various organizations about how they
> view or approach the security risks of third-party web widgets.

I'm curious what the latest ideas/research for making web widgets safe are, such as AdSafe [1] and sandboxed iframes [2].


- Bil

[1] http://www.adsafe.org/
[2] http://www.whatwg.org/specs/web-apps/current-work/multipage/the-iframe-element.html#attr-iframe-sandbox

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

To unsubscribe email websecurity-unsubscribe at webappsec.org and reply to 
the confirmation email

Join WASC on LinkedIn 
http://www.linkedin.com/e/gis/83336/4B20E4374DBA

WASC on Twitter
http://twitter.com/wascupdates



More information about the websecurity mailing list