RedactDOM: Preventing Sensitive Data Leaking through Embedded Scripts

Longze Chen, Yuchen Zhou, David Evans

University of Virginia

Poster presented at IEEE Security and Privacy (Oakland 13')

Redactdom
  • Introduction

    Third-party embedded scripts provide a powerful way to build rich web applications, but raise important security risks. These untrusted scripts can access everything on the embedding web pages including sensitive data, which can then be leaked to malicious third-party servers. We propose RedactDOM, an egress-based approach that prevents untrusted scripts from leaking sensitive information without disrupting the scripts’ functionality. For each page, a projection page is created with a redacted DOM that has the structure and scripts from the original page but removes all potentially sensitive data. RedactDOM blocks outgoing requests generated by untrusted scripts on the real page and replaces them with a safe substitutes from the redacted page.