Data Confined HTML5 Applications
Code Release for our ESORICS 2013 Paper "Data-confined HTML5 Applications".
The firefox-modifications folder contains our patches to Firefox along with a modified build. The dcfattribute patch adds support for a dcfsandbox attribute. The blockclientside patch disables client-side cross-origin channels for data-confined sandboxes. The monitor is implemented via an extension, which is the xpi file in the firefox-modifications folder.
The casestudie folder contains all our case studies. Read the full paper for details.