Introducing the Web Sandbox

The Web Sandbox explores how to advance the Web Platform to improve security, isolation, and quality of service protections for your web site and users.

The Web Sandbox project has a wide scope. The HTML elements and attributes, CSS selectors and properties, JavaScript constructs and statements, and all the DOM APIs eventually will need to be evaluated and reviewed. While daunting, this is a not only a challenge that's worth the effort, but also one that needs to be tackled properly. This area of the site is a set of living documents that will be updated and expanded over the coming weeks and months.

The overview section outlines the risks and opportunities. "Using the Sandbox" targets web developers who want to understand how untrusted code is integrated, and explores the current plans and limitations of the Sandbox. "Hosting the Sandbox" explains how to use the technology to isolate code on your own site. Finally, the Architecture section explains how we built the Sandbox.

Last, and perhaps most important, are the discussion forums. We need your help to advance the Sandbox. We want your feedback. We want to know if you found any exploits, and we want to work together with you to define, refine, and drive an appropriate security model.

The Web Sandbox Team

• Privacy Statement
• Terms of Use