The document discusses techniques for creating secure mashups, including server-side and client-side approaches. It describes challenges around trust between participants and potential exploits. It provides an overview of tools like ADsafe, Caja, and dojox.secure that aim to sandbox code by restricting language features and access. Dojox.secure in particular provides a full framework for loading, validating, and restricting access to DOM for third-party widgets in a controlled manner.