• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Caja "Ka-ha" Introduction
 

Caja "Ka-ha" Introduction

on

  • 973 views

 

Statistics

Views

Total Views
973
Views on SlideShare
973
Embed Views
0

Actions

Likes
1
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Caja "Ka-ha" Introduction Caja "Ka-ha" Introduction Presentation Transcript

    • Caja"KA-ha”
      yiminghe@gmail.com
      承玉
      2011-09-20 Draft
    • Outline
      Background
      Caja Introduction
      Caja Internal
      Learn By Example
    • Javascriptis dangerous ?
    • Stealing cookies
    • DDOS
      Make requests to your server
    • Expose all information
      See what it should not see
    • Load viral script
      Can load any number viral scripts as it want
    • Forge id
      Ask for information from user as your id
    • Finnally Leak
      Send what it got to remote server
    • So ?
    • But
    • Caja Comes
      HTML , CSS , JavaScript Security
      Object Capability Javascript
      Safe subset of javascript
      Related
      Microsoft Web Sandbox
      FBJS
      YAHOO! Adsafe
    • Sanitize
    • YAP
    • Make app safe
    • Object Capabilty
      Caja use object-capability security model
    • What does it mean
      other
      callee
      caller
      Caller can call callee by reference
      Caller can not call other in global namespace
    • How to get reference
      creation or introduction
    • Internals
      Backend
      frontend
    • backend
      Rewrite source code to allow runtime check
    • frontend
      Runtime check at browser
      Object properties descriptor enhance
      Global prevent
      Wrap native DOM
      Iframed isolation
    • Iframed isolation
    • frontend
    • Learn By Example
    • Simple example
      Sourcecode
      this.x=1;window.alert(2);
      Issues ?
    • Compiled code:
      ___.loadModule({
      'instantiate':function(___, IMPORTS___){
      vardis___ = IMPORTS___;
      varmoduleResult___, x0___;
      moduleResult___ = ___.NO_RESULT;
      dis___.x_w___ ===dis___?(dis___.x= 1):dis___.w___('x', 1);
      moduleResult___ =(x0___ =IMPORTS___.window_v___?IMPORTS___.window:
      ___.ri(IMPORTS___,'window'), x0___.alert_m___? x0___.alert(2):
      x0___.m___('alert',[ 2 ]));
      returnmoduleResult___;
      },
    • Little note
      IMPORTS__ : runtime environment
      *_w__ : whether allowed to write
      w__ : intercept writing
      v__ : intercept getting
      *_m__ : whether allowed to call method
      m__ : intercept method
    • DOM example
      Source code
      document.body.style=‘color:red’;
      Issues ?
    • compiled
      vardis___ = IMPORTS___;
      varmoduleResult___, x0___, x1___;
      moduleResult___ = ___.NO_RESULT;
      moduleResult___ =(x1___ =(x0___ =IMPORTS___.document_v___?
      IMPORTS___.document: ___.ri(IMPORTS___,'document'),
      x0___.body_v___? x0___.body: x0___.v___('body')), x1___.style_w___
      === x1___?(x1___.style ='color:red'): x1___.w___('style',
      'color:red'));
      returnmoduleResult___;
    • Import KISSY
      Inject KISSY into IMPORT__
      Source:
      KISSY.DOM.addClass(el,"x");
    • compiled
      vardis___ = IMPORTS___;
      varmoduleResult___, x0___, x1___, x2___;
      moduleResult___ = ___.NO_RESULT;
      moduleResult___ =(x1___ =(x0___ =IMPORTS___.KISSY_v___?
      IMPORTS___.KISSY: ___.ri(IMPORTS___,'KISSY'), x0___.DOM_v___?
      x0___.DOM: x0___.v___('DOM')), x2___ =IMPORTS___.el_v___?
      IMPORTS___.el: ___.ri(IMPORTS___,'el'), x1___.addClass_m___?
      x1___.addClass(x2___,'x'): x1___.m___('addClass',[ x2___,'x']));
      returnmoduleResult___;
    • How
      Tell IMPORTS__ to recognize KISSY.DOM.addClass as a function
      frameGroup.makeES5Frame(document.getElementById("theGadget2"),
      {/* Grant this gadget no network access */},
      function(frame){
      // Load and run the gadget
      frame.contentCajoled(code)
      .run({
      KISSY:frameGroup.tame({
      DOM:frameGroup.markFunction(function(){})
      })
      });
      });
    • Import others
      Class : Anim
      Instance method : Anim.proto.run
      Class : EventObject
      Intance member : EventObject.proto.target
      …etc
    • Demo
    • Refer
      Caja
      http://code.google.com/p/google-caja/
      YAP
      http://developer.yahoo.com/yap/guide/caja-support.html
      http://developer.yahoo.com/yap/guide/what-are-cajas-limitations.html
      TAOBAO SHOP
      http://shopxxx.taobao.com
    • Thank you