{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,18]],"date-time":"2025-11-18T23:14:54Z","timestamp":1763507694024},"publisher-location":"Berlin, Heidelberg","reference-count":20,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642414879"},{"type":"electronic","value":"9783642414886"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013]]},"DOI":"10.1007\/978-3-642-41488-6_5","type":"book-chapter","created":{"date-parts":[[2013,10,1]],"date-time":"2013-10-01T06:05:49Z","timestamp":1380607549000},"page":"67-83","source":"Crossref","is-referenced-by-count":4,"title":["SafeScript: JavaScript Transformation for Policy Enforcement"],"prefix":"10.1007","author":[{"given":"Mike","family":"Ter Louw","sequence":"first","affiliation":[]},{"given":"Phu H.","family":"Phung","sequence":"additional","affiliation":[]},{"given":"Rohini","family":"Krishnamurti","sequence":"additional","affiliation":[]},{"given":"Venkat N.","family":"Venkatakrishnan","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"key":"5_CR1","doi-asserted-by":"crossref","unstructured":"Van Acker, S., De Ryck, P., Desmet, L., Piessens, F., Joosen, W.: Webjail: Least-privilege integration of third-party components in web mashups. In: Twenty-Seventh Annual Computer Security Applications Conference (ACSAC 2011), pp. 307\u2013316 (2011)","DOI":"10.1145\/2076732.2076775"},{"key":"5_CR2","doi-asserted-by":"crossref","unstructured":"Agten, P., Van Acker, S., Brondsema, Y., Phung, P.H., Desmet, L., Piessens, F.: JSand: Complete client-side sandboxing of third-party JavaScript without browser modifications. In: Annual Computer Security Applications Conference (ACSAC 2012), pp. 1\u201310 (2012)","DOI":"10.1145\/2420950.2420952"},{"key":"5_CR3","unstructured":"Douglas Crockford. ADsafe, \n                    \n                      http:\/\/www.adsafe.org\/"},{"key":"5_CR4","doi-asserted-by":"crossref","unstructured":"Dong, X., Tran, M., Liang, Z., Jiang, X.: AdSentry: Comprehensive and flexible confinement of JavaScript-based advertisements. In: Twenty-Seventh Annual Computer Security Applications Conference (ACSAC 2011), pp. 297\u2013306 (2011)","DOI":"10.1145\/2076732.2076774"},{"key":"5_CR5","unstructured":"Ecma International. ECMAScript language specification, Standard ECMA-262, 3rd edn. (December 1999)"},{"key":"5_CR6","unstructured":"Erlingsson, U., Benjamin Livshits, V., Xie, Y.: End-to-end web application security. In: 11th Workshop on Hot Topics in Operating Systems, San Diego, CA, USA (May 2007)"},{"key":"5_CR7","unstructured":"Facebook Developers. Facebook JavaScript, \n                    \n                      http:\/\/wiki.developers.facebook.com\/index.php\/FBJS\n                    \n                    \n                   (retrieved on July 19, 2013)"},{"key":"5_CR8","unstructured":"Google Caja. A source-to-source translator for securing JavaScript-based web content, \n                    \n                      http:\/\/code.google.com\/p\/google-caja\/"},{"key":"5_CR9","unstructured":"Benjamin Livshits, V., Guarnieri, S.: Gatekeeper: Mostly static enforcement of security and reliability policies for JavaScript code. In: 18th USENIX Security Symposium, Montreal, Canada (August 2009)"},{"key":"5_CR10","doi-asserted-by":"crossref","unstructured":"Maffeis, S., Mitchell, J.C., Taly, A.: Language-based isolation of untrusted JavaScript. In: 22nd IEEE Computer Security Foundations Symposium, Port Jefferson, NY, USA (July 2009)","DOI":"10.1109\/CSF.2009.11"},{"key":"5_CR11","unstructured":"Maffeis, S., Mitchell, J.C., Taly, A.: Run-time enforcement of secure JavaScript subsets. In: 3rd Workshop in Web 2.0 Security and Privacy, Oakland, CA, USA (May 2009)"},{"key":"5_CR12","doi-asserted-by":"crossref","unstructured":"Meyerovich, L., Livshits, B.: ConScript: Specifying and Enforcing Fine-Grained Security Policies for JavaScript in the Browser. In: Proceedings of the 2010 IEEE Symposium on Security and Privacy, SP 2010. IEEE Computer Society (2010)","DOI":"10.1109\/SP.2010.36"},{"issue":"6","key":"5_CR13","doi-asserted-by":"publisher","first-page":"1689","DOI":"10.1016\/j.jss.2013.02.047","volume":"86","author":"E. Ofuonye","year":"2013","unstructured":"Ofuonye, E., Miller, J.: Securing web-clients with instrumented code and dynamic runtime monitoring. Journal of Systems and Software\u00a086(6), 1689\u20131711 (2013)","journal-title":"Journal of Systems and Software"},{"key":"5_CR14","doi-asserted-by":"crossref","unstructured":"Phung, P.H., Sands, D., Chudnov, A.: Lightweight self-protecting JavaScript. In: ACM Symposium on Information, Computer and Communications Security, Sydney, Australia (March 2009)","DOI":"10.1145\/1533057.1533067"},{"key":"5_CR15","doi-asserted-by":"crossref","unstructured":"Reis, C., Dunagan, J., Wang, H.J., Dubrovsky, O., Esmeir, S.: BrowserShield: Vulnerability-driven filtering of dynamic HTML. In: 7th Symposium on Operating Systems Design and Implementation, Seattle, WA, USA (November 2006)","DOI":"10.1145\/1281480.1281481"},{"key":"5_CR16","doi-asserted-by":"crossref","unstructured":"Stamm, S., Sterne, B., Markham, G.: Reining in the web with content security policy. In: Proceedings of the 19th International Conference on World Wide Web, pp. 921\u2013930 (2010)","DOI":"10.1145\/1772690.1772784"},{"key":"5_CR17","unstructured":"Wikipedia. Narcissus (JavaScript engine) (2012), \n                    \n                      http:\/\/en.wikipedia.org\/wiki\/Narcissus_JavaScript_engine\n                    \n                    \n                  , (Online; accessed December 12, 2012)"},{"key":"5_CR18","unstructured":"World Wide Web Consortium. Document object model (DOM) level 2 core specification (November 2000), \n                    \n                      http:\/\/www.w3.org\/TR\/DOM-Level-2-Core\/"},{"key":"5_CR19","unstructured":"Yigit, O.: Hash functions, \n                    \n                      http:\/\/www.cse.yorku.ca\/~oz\/hash.html"},{"key":"5_CR20","doi-asserted-by":"crossref","unstructured":"Yu, D., Chander, A., Islam, N., Serikov, I.: JavaScript instrumentation for browser security. In: Proceedings of the 34th Proceedings of the SIGACT-SIGPLAN Symposium on Principles of Programming Languages, pp. 237\u2013249 (2007)","DOI":"10.1145\/1190216.1190252"}],"container-title":["Lecture Notes in Computer Science","Secure IT Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-41488-6_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,17]],"date-time":"2019-05-17T17:39:44Z","timestamp":1558114784000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-41488-6_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013]]},"ISBN":["9783642414879","9783642414886"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-41488-6_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2013]]}}}