{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,16]],"date-time":"2025-10-16T03:48:49Z","timestamp":1760586529317,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":29,"publisher":"ACM","license":[{"start":{"date-parts":[[2010,4,26]],"date-time":"2010-04-26T00:00:00Z","timestamp":1272240000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2010,4,26]]},"DOI":"10.1145\/1772690.1772786","type":"proceedings-article","created":{"date-parts":[[2010,4,27]],"date-time":"2010-04-27T12:45:48Z","timestamp":1272372348000},"page":"941-950","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Alhambra"],"prefix":"10.1145","author":[{"given":"Shuo","family":"Tang","sequence":"first","affiliation":[{"name":"University of Illinois, Urbana-Champaign, Urbana, IL, USA"}]},{"given":"Chris","family":"Grier","sequence":"additional","affiliation":[{"name":"University of California, Berkeley, Berkeley, CA, USA"}]},{"given":"Onur","family":"Aciicmez","sequence":"additional","affiliation":[{"name":"Samsung Advanced Institute of Technology, San Jose, CA, USA"}]},{"given":"Samuel T.","family":"King","sequence":"additional","affiliation":[{"name":"University of Illinois, Urbana-Champaign, Urbana, IL, USA"}]}],"member":"320","published-online":{"date-parts":[[2010,4,26]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"W3C Document Object Model. http:\/\/www.w3.org\/DOM\/.  W3C Document Object Model. http:\/\/www.w3.org\/DOM\/."},{"key":"e_1_3_2_1_2_1","unstructured":"Alexa Internet Inc. Alexa top 500 global sites. http:\/\/www.alexa.com\/topsites.  Alexa Internet Inc. Alexa top 500 global sites. http:\/\/www.alexa.com\/topsites."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.22"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455782"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-70542-0_2"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/224056.224058"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.5555\/1060289.1060309"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2008.19"},{"key":"e_1_3_2_1_9_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Gundy M. V.","year":"2009","unstructured":"M. V. Gundy and H. Chen . Noncespaces: Using randomization to enforce information flow tracking and thwart cross-site scripting attacks . In Proceedings of the Network and Distributed System Security Symposium , February 2009 . M. V. Gundy and H. Chen. Noncespaces: Using randomization to enforce information flow tracking and thwart cross-site scripting attacks. In Proceedings of the Network and Distributed System Security Symposium, February 2009."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1242572.1242654"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1141277.1141357"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1023\/B:VISI.0000029664.99615.94"},{"key":"e_1_3_2_1_13_1","unstructured":"G. Maone. NoScript - JavaScript\/Java\/Flash blocker for a safer Firefox experience! 2008. http:\/\/noscript.net\/.  G. Maone. NoScript - JavaScript\/Java\/Flash blocker for a safer Firefox experience! 2008. http:\/\/noscript.net\/."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1508244.1508254"},{"key":"e_1_3_2_1_15_1","unstructured":"Mozilla. Security\/csp 2009. https:\/\/wiki.mozilla.org\/Security\/CSP.  Mozilla. Security\/csp 2009. https:\/\/wiki.mozilla.org\/Security\/CSP."},{"key":"e_1_3_2_1_16_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Nadji Y.","year":"2009","unstructured":"Y. Nadji , P. Saxen , and D. Song . Document structure integrity: A robust basis for cross-site scripting defense . In Proceedings of the Network and Distributed System Security Symposium , February 2009 . Y. Nadji, P. Saxen, and D. Song. Document structure integrity: A robust basis for cross-site scripting defense. In Proceedings of the Network and Distributed System Security Symposium, February 2009."},{"key":"e_1_3_2_1_17_1","unstructured":"Perl.org. Perl taint mode. http:\/\/perldoc.perl.org\/perlsec.html.  Perl.org. Perl taint mode. http:\/\/perldoc.perl.org\/perlsec.html."},{"key":"e_1_3_2_1_18_1","volume-title":"IE8 Security Part IV: The XSS Filter","author":"Ross D.","year":"2008","unstructured":"D. Ross . IEBlog : IE8 Security Part IV: The XSS Filter , 2008 . http:\/\/blogs.msdn.com\/ie\/archive\/ 2008\/07\/01\/ie8-security-part-iv-thexss-filter.aspx. D. Ross. IEBlog : IE8 Security Part IV: The XSS Filter, 2008. http:\/\/blogs.msdn.com\/ie\/archive\/ 2008\/07\/01\/ie8-security-part-iv-thexss-filter.aspx."},{"key":"e_1_3_2_1_19_1","volume-title":"Proceedings of the 16th Annual Network and Distributed System Security Symposium","author":"Sekar R.","year":"2009","unstructured":"R. Sekar . An efficient black-box technique for defeating web application attacks . In Proceedings of the 16th Annual Network and Distributed System Security Symposium , February 2009 . R. Sekar. An efficient black-box technique for defeating web application attacks. In Proceedings of the 16th Annual Network and Distributed System Security Symposium, February 2009."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180426"},{"key":"e_1_3_2_1_21_1","volume-title":"Proceedings of the 2004 USENIX Technical Conference","author":"Srinivasan S.","year":"2004","unstructured":"S. Srinivasan , S. Kandula , C. Andrews , and Y. Zhou . Flashback: A light-weight rollback and deterministic replay extension for software debugging . In Proceedings of the 2004 USENIX Technical Conference , June 2004 . S. Srinivasan, S. Kandula, C. Andrews, and Y. Zhou. Flashback: A light-weight rollback and deterministic replay extension for software debugging. In Proceedings of the 2004 USENIX Technical Conference, June 2004."},{"volume-title":"Symantec Global Internet Security Threat Report Trends for July-December","year":"2008","key":"e_1_3_2_1_22_1","unstructured":"Symantec. Symantec Global Internet Security Threat Report Trends for July-December 07, April 2008 . http:\/\/www.symantec.com\/business\/ theme.jsp?themeid=threatreport. Symantec. Symantec Global Internet Security Threat Report Trends for July-December 07, April 2008. http:\/\/www.symantec.com\/business\/ theme.jsp?themeid=threatreport."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.33"},{"key":"e_1_3_2_1_24_1","volume-title":"Proceeding of the Network and Distributed System Security Symposium (NDSS)","author":"Vogt P.","year":"2007","unstructured":"P. Vogt , F. Nentwich , N. Jovanovic , E. Kirda , C. Kruegel , and G. Vigna . Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis . In Proceeding of the Network and Distributed System Security Symposium (NDSS) , San Diego, CA , February 2007 . P. Vogt, F. Nentwich, N. Jovanovic, E. Kirda, C. Kruegel, and G. Vigna. Cross-Site Scripting Prevention with Dynamic Data Tainting and Static Analysis. In Proceeding of the Network and Distributed System Security Symposium (NDSS), San Diego, CA, February 2007."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/1294261.1294263"},{"key":"e_1_3_2_1_26_1","unstructured":"WebKit. The webkit open source project. http:\/\/www.webkit.org.  WebKit. The webkit open source project. http:\/\/www.webkit.org."},{"key":"e_1_3_2_1_27_1","unstructured":"XSSed.com. XSSed - XSS (cross-site scripting) information and vulnerabile websites archive. http:\/\/xssed.com.  XSSed.com. XSSed - XSS (cross-site scripting) information and vulnerabile websites archive. http:\/\/xssed.com."},{"key":"e_1_3_2_1_28_1","volume-title":"Proceedings of the 15th USENIX Security Symposium","author":"Xu W.","year":"2006","unstructured":"W. Xu , S. Bhatkar , and R. Sekar . Taint-enhanced policy enforcement: A practical approach to defeat a wide range of attacks . In Proceedings of the 15th USENIX Security Symposium , August 2006 . W. Xu, S. Bhatkar, and R. Sekar. Taint-enhanced policy enforcement: A practical approach to defeat a wide range of attacks. In Proceedings of the 15th USENIX Security Symposium, August 2006."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629604"}],"event":{"name":"WWW '10: The 19th International World Wide Web Conference","acronym":"WWW '10","location":"Raleigh North Carolina USA"},"container-title":["Proceedings of the 19th international conference on World wide web"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1772690.1772786","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1772690.1772786","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T11:39:34Z","timestamp":1750246774000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1772690.1772786"}},"subtitle":["a system for creating, enforcing, and testing browser security policies"],"short-title":[],"issued":{"date-parts":[[2010,4,26]]},"references-count":29,"alternative-id":["10.1145\/1772690.1772786","10.1145\/1772690"],"URL":"https:\/\/doi.org\/10.1145\/1772690.1772786","relation":{},"subject":[],"published":{"date-parts":[[2010,4,26]]},"assertion":[{"value":"2010-04-26","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}