Sandboxing JavaScript
Daniel Ribeiro
752

Researching sandboxed JavaScript I came across Mark S Miller’s work at Google Research on Distributed Resilient Secure ECMAScript (Dr. SES). The video provides brilliant clarity on security. https://www.youtube.com/watch?v=w9hHHvhZ_HY

Long story short. I would really like to combine javascript objects from untrusted developers with objects from trusted developers into collections of hierarchical objects for rich enterprise applications. Such as SAP grade bills of material editing combined with customer service comments. We tried iframes and found they are unable to persist the expected user experience.