Design secure Ajax Mashup

Source: Internet
Author: User

1. What is a mashup?

A web site or web application that seamlessly merges content from multiple source sites is called a "mashup". It gives users an integrated experience: pages scattered across different places are combined and presented in a novel, reusable form.

Typical mashup content is obtained from third parties through public interfaces or APIs. Another way is to pull in content through web feeds (such as RSS and Atom) and JavaScript (such as Google AdSense).

You will run into mashups in places such as eBay, Amazon, Google, Windows Live and the Yahoo Developer Network.

2. A Lego platform: high quality at low cost

As a new way of building web applications, a mashup combines programs and data services from multiple source sites on a single page. With JavaScript as the "glue" between the various source pages, the components and their connections are laid out neatly on the same page, and in this way a "valuable new product is produced without expensive cost".

A mashup is like a Lego set (such as the Lego Star Wars series) that snaps existing, interesting pieces together.

3. "Streaking" on the Internet

The streaking here is not running naked under the open sky; it is exposing oneself completely to the Internet and waiting for all kinds of merciless "bullying".

Now let's look at the possible causes of a mashup's streaking:

1. JavaScript is of no help: a mashup cannot work when a component holds private information or a private connection (at best the whole page is hit with an ugly "forbidden" prompt). JavaScript offers a few tricks for slipping past these blocks, but the shared global object those tricks rely on is shut off by the mutual distrust between the containing page and the contained page.

2. The boundary-less DOM: the DOM in a mashup is truly bad for security, because every DOM node is directly or indirectly linked to every other node. This makes it impossible to use the DOM's full functionality while effectively hiding any part of it.

3. The too-radical iframe: an iframe isolates components so that they cannot attack each other. That isolation is safe, but the same sword cuts the other way: it also cuts off the "collaboration" between components, and a mashup needs its components to collaborate.

4. Ajax with limited reach: XMLHttpRequest can only call a restricted set of services; it cannot reach services on the included pages that have not been opened up to it. Without a proxy on the server, the mashup cannot be done at all.

In addition, rich media advertisements are themselves mashups. These ad scripts run with access to all information on the page, including cookies and the authenticated connections to the server. The current browser design does not take care of this integration layer, and the security model still follows the principle of protecting a single site.

A mashup requires a more fine-grained solution.

4. Galloping safely

Ending the streaking is not hard once the bad habits of mashups are overcome. Complete isolation of content is inflexible, and fully open access to content is insecure. It seems that only limited communication that both parties have agreed to can be the starting point for secure access.

JSON offers a good solution built on exactly this view. With the JSON module technique you can easily fit your mashup with the safety devices it needs (and not just against electric shock!).

The author of JSON proposes a new HTML tag, which is used to split a single page into multiple modules.

Usage:

    <module id="NAME" href="URL" style="STYLE"/>

The module has three attributes:

1. id: used by scripts to access the module node.
2. href: the URL of a script or HTML file.
3. style: the style of the module, which sets the module's size and position.

Each module has two nodes: an external node and an internal node. The external node is exposed only to the external document, and the internal node is the module's window object. A script on one side cannot call the other side to access or modify its data structures or document structure. Only the internal and external nodes are allowed to send and receive messages.

[Figure: communication between JSON modules]

The external node has a send method, with which a script sends a JSON string to the internal node. The external node can also receive JSON strings from the internal node. The internal node has the same send and receive functions. When send is called and the recipient's receive method is not defined, an exception is thrown.

Such communication can only take place through the cooperation of both sides. Moreover, the content of the communication can only be JSON text; JSON text can carry both simple exchanges and complex data structures, and because JavaScript objects are never exchanged, no capability leakage occurs.

Just like the communication mechanism inside a module, each module can collaborate with the page, and the page can in turn broker communication between modules. The ability of modules and the page to communicate depends solely on the cooperative send and receive functions; the origin of the module and the origin of the page are irrelevant.

5. Inspiration

The author of JSON offers a new browser security model, so web application development can run "ahead" of browser technology (perhaps browsers will soon catch up). The module does not change JavaScript at all; it only slightly extends HTML.

6. Reference resources

http://www.json.org/module.html
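To make the send/receive model concrete, here is an added simulation in plain JavaScript; it is not code from the proposal or from any browser, and makeModule, asJsonText and demo are assumed names. It models the two nodes, the exception raised when the peer has not defined receive, and why passing only JSON text (never JavaScript objects) prevents capability leakage.

```javascript
function asJsonText(value) {
  // Only JSON text may cross the boundary. Non-strings are serialised,
  // and the result is re-parsed so malformed text is rejected up front.
  const text = typeof value === "string" ? value : JSON.stringify(value);
  if (typeof text !== "string") {
    throw new TypeError("payload is not JSON-serialisable");
  }
  JSON.parse(text); // throws SyntaxError on malformed JSON text
  return text;
}

function makeModule(id) {
  // Two nodes: `outer` is all the containing page ever sees, `inner` is
  // all the module's own script ever sees. Neither exposes the other.
  const outer = { id, receive: undefined };
  const inner = { id, receive: undefined };
  const deliver = (to, who, value) => {
    if (typeof to.receive !== "function") {
      throw new Error(`module ${id}: ${who} has not defined receive`);
    }
    to.receive(asJsonText(value));
  };
  outer.send = (value) => deliver(inner, "the module", value);
  inner.send = (value) => deliver(outer, "the page", value);
  return { outer, inner };
}

// Constructed scenario: the page hands the module an object carrying a
// function (a capability); only its JSON text gets through.
function demo() {
  const { outer, inner } = makeModule("ads");
  const log = [];
  let gotText;
  inner.receive = (text) => {
    gotText = text;
    const msg = JSON.parse(text);
    msg.tags.push("seen"); // mutates the module's own copy only
    inner.send({ ack: msg.tags.length });
  };
  outer.receive = (text) => log.push(JSON.parse(text));
  const secret = { tags: ["a"], grant: () => "page-side capability" };
  outer.send(secret);
  let unreachable = null; // a module that never defined receive
  try { makeModule("lonely").outer.send("{}"); } catch (e) { unreachable = e.message; }
  return { innerGotString: typeof gotText === "string",
           capabilityLeaked: "grant" in JSON.parse(gotText),
           pageTags: secret.tags.slice(), acks: log, unreachable };
}
```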
