Resolving JavaScript Vulnerabilities in Browser Runtime


With the phenomenal growth of the Internet over the last decade, the security of web applications has become a focal point. This in turn has made security defects or vulnerabilities significant problems for many organizations. In this paper, we detail research into the design and implementation of a web application protection system based on the code instrumentation of JavaScript embedded in HTML responses. This instrumentation, or rewriting, process, when augmented with input security policies, will greatly reduce the incidence of web application exploits that have put a question mark over the use of the web as a platform for business and social networking. The fully integrated and customizable system promises to protect client privacy as well as application integrity from malicious injected or downloaded code. The paper includes a demonstration of the system’s capabilities across 1000 home pages belonging to the most popular web sites on the Internet.