Ben Laurie blathering

Yahoo, Caja, OpenSocial

I’m very excited that Yahoo! have launched their gadget platforms, including an OpenSocial platform. Why am I excited? Because Yahoo! require all gadgets to use Caja so that they can be sure the gadgets behave themselves without review. Caja allows the container (i.e. Yahoo!’s platform, in this case) to completely confine the untrusted Javascript (i.e. the gadget, in this case), only allowing it to perform “safe” operations. All other platforms either have to manually review gadgets or take the risk that the gadgets will do something evil to their users.


  1. awesome, and congratulations

    Comment by Ben Hyde — 29 Oct 2008 @ 14:43

  2. […] saw Ben Laurie’s post on J-PAKE, and I’m intrigued now that I’ve looked into it. I’m not a cryptographer, so I […]

    Pingback by Rob Sayre’s Mozilla Blog » Blog Archive » Security happenings — 31 Oct 2008 @ 22:47

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress