Protection against third party JavaScript vulnerabilities

摘要

Embodiments protect against security vulnerabilities arising from 3^rd party JavaScript code. A browser receives from a server, a document including a first JavaScript. The browser in turn references a list stored in a database to recognize the first JavaScript as originating from other than the server. This recognition process may involve obtaining a stacktrace. The browser then references a second JavaScript in order to instrument a document object model (DOM) feature (e.g., global API, DOM element-attached API, DOM node property) to sanitize the first JavaScript. For instrumenting a global API, this may comprise overwriting a global reference in the first JavaScript with a replacement reference to a sanitization function. For instrumenting the DOM element-attached API or the DOM node property, the instrumenting may comprise altering a prototype of the DOM node element. The browser causes the DOM feature to sanitize the first JavaScript, and passes a sanitized JavaScript for execution.